Overview

overview

5

Static

static

5

7BIC.pdf

windows7-x64

1

7BIC.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    64s
  • max time network
    64s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    24-06-2024 07:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7BIC.pdf

  • Size

    1.3MB

  • MD5

    5c66f5396a267e08472c8943e1f96a46

  • SHA1

    9c82293caec4259d0b91b8e91bf11f9a68cd0ecd

  • SHA256

    6d987248a7df4508f0ff217c82a09e8a059c212fee2b5ade4819fc3092432f33

  • SHA512

    9a5016a247c62308a0ecf4d19be7dd858f27418af23e3df05a1d8b0405dab3e6708d33fa93042beb8eba7126efdefb9bc8e4a0b47a2dadd557cf25f4d716d039

  • SSDEEP

    24576:snHqAunsVTPFTymnZLVcgmNe+oa6+nkHUw2bGWjYy9DU1QQEVyGaC:wHqbs15ymZLagmN0F05tBUPEVyGZ

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 24 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 10 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\7BIC.pdf"
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2256
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" https://conferenziaworld.com/finance-transformation-banking-conference/
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2528
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2528 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2668

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7356660a80e413aa79327af5bd58028a

    SHA1

    c5ce168214a18b2b097b1ea34f0fae6a27959792

    SHA256

    b4179806ab5f9b7d3a093b2a317b900323f57f8007111f05911663186bdf8693

    SHA512

    bd13ddda6ad4528efa9b0ef75514be99cea42c20e33dc0c417027cb78fd5ede5d1566d9d57d828d3fe955d64e8e5fc003c2454b9b7fe1f4ed2091b2c784f1162

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5f36118304811d299f657e3686ab5f1f

    SHA1

    6009689f583fd70038c27bdcc6ec25f4664e6bc0

    SHA256

    d98811656f029963cdcb424a1b1c9ebcbaafeabdf10a91eff9bfe86c8adb54f8

    SHA512

    e3920fe7d740ffaf60135fd4ecb1f7db27501ce9c43da5e4cef7f8426dc650738bd420b30584591fd0a48e0221d8bc5c3112cf8535a527d81168c793bb4c7c01

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0a5cff091063cde2336bb7bd3213d52a

    SHA1

    bf57d6ac88c85cdd82baed67f37f63488d88908c

    SHA256

    b2b847361b0171522d4b7844449af7a7bbf1a9c0f70f5756a2d02cdb5b87b765

    SHA512

    95bf9eca8b9429ddbb38ceffb7e1a777265e92d480aaced80cf4259286f67518edc640e2d7817d1a4e2aa49f3233ff88eb9f43fd634c028416fc57e98b66dfaf

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7f561b5f68ed83ef6376c068f053e24c

    SHA1

    45e14e10796c5ba4e9455bd531251eb0ade40507

    SHA256

    b0e0b397d5afbff3144200d045e815c41e61e9d1644cc03c2b2d8166d69f9434

    SHA512

    8a02009a40b354e494181be708ea1cf7ab86f9f3635385a4477ca4fe656a80878246221572ef81e1c5ae78d1a259694a87a213679b9969b2633eb1d51519a4f0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f95b3c87031d689ac23c896343cb6007

    SHA1

    1e11c00aa953c3408c6daff6a48f5a328d3356a1

    SHA256

    6489f1adaf183715bb171ab5277acde3ec2064d70c70b02c5eb3fb19a300da7b

    SHA512

    26d57ccfc49ae5428755efad2211b25b72586fa944ed3fbd8843258fc96271030a47a07ddd17f5534d63c54ab8ed2cf5bf8aaf9c31ceb3607d768e7027bbcc97

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    66deb8b92a7a17bb5ca5f89523531cfd

    SHA1

    354a51ec214d19fe36f53e318e84ec1b9510bcfa

    SHA256

    b211c53238bb2611f066a989924514b80cdab7c616df907fa8f5c0052f0e727c

    SHA512

    342b45b64a71ca0909eda2439b21dce6e4f7cc6b24202e5e2c3facf231897c00e4e7ca45c8efcbaef68394d68fe311c376b8990e3824525f0b4b4c5ff3fed755

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    22ff410cb0468770fc3dc6af9d35a36d

    SHA1

    43ad1fbad578355b4d75279be5aeaf148a764b02

    SHA256

    38a10ba9ec205bedff836c916aa1adcc2afdd9313e3c58f763cd77eb29ab6027

    SHA512

    5e024881822451d0db6459c73fe63c5287c825a695c02115be4852b20924830d4a81c5b4bc541dd7c7603e2a1f6e4fa1f39b84a8795cb1ec2b90578f28913049

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0e9de95c2ccd91caf8ac7d0da18d902f

    SHA1

    6633c714c48e9205525269dfecd028678b13a083

    SHA256

    aeb2f3dda74f3ebe2018b0daa1fb136c93e48c6506819d5e7a169c435bdb50f6

    SHA512

    ee31821d5c3932e4d0e87e839701efd8888844baa51fd054b05aadbb5596414a30e3781749c2e5d68cb2b97c8d649cfe52bbb95624f415b2bf064b82c17faeed

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab126B.tmp
    Filesize

    68KB

    MD5

    29f65ba8e88c063813cc50a4ea544e93

    SHA1

    05a7040d5c127e68c25d81cc51271ffb8bef3568

    SHA256

    1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184

    SHA512

    e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar12FE.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    0112bca33cefde51722be54fc7e0c873

    SHA1

    a4d1b727a27e371e7143c164b65204bb60493246

    SHA256

    9133356d538da8fd863de99049dee450d5e16c64645f13153e1b3886361e7b4c

    SHA512

    d233290157ad3762d523ecf0e6e7968bd4284ab4c77ae3fb67652fb85d569ce8fbd3b0c8e10d37adffe041bdc7739b4f44954dc3568cb203a2d726425f75d773

    Download Submit