Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
  • submitted
    22-06-2024 18:20

General

  • Target

    24_06_22WeckrufNr2.pdf

  • Size

    707KB

  • MD5

    87d06e05efc569d7f256db4c72082786

  • SHA1

    9722215255ac7ea35f5d40f57f09db6b65d41c85

  • SHA256

    d0deb56f05cff6f54008816f1cb271986c42a4d03197865561600c031a774c61

  • SHA512

    717044c1a638456286ec019ba8b7109f19f6b507f73da3ebcf6c2e377a6a533b77ad259b41109dafacd94db3b3fb55dcf021a5fa5747368080ad9b99fc1e7047

  • SSDEEP

    12288:K37w92at2lRLWbbs2qPov66JLnd5C8xcFMHr4ymlXbcDrMBF1PRoxW:S7w92aQys2qPoSuT8aHr4Lln

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\24_06_22WeckrufNr2.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2024

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    d5d6ce183e256b90d7d62e3e58ba99f3

    SHA1

    240c9e6565f24304be9e4a51192d63a4a867f89e

    SHA256

    73fd78a61c4d4a28b30c1263ec41e456cb0e33d77b278849b5d610e0c8dbd574

    SHA512

    10d4fb1859125e14a95f22ae80ad66e74b4d9645ebaaa39283bb35df1735544aae1952e9211d77230ff0a4b0ac5d96127484313d89870dda4cd114f3a3aa2cfe