Analysis

  • max time kernel
    94s
  • max time network
    16s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    24-06-2024 11:31

General

  • Target

    RingCentral_e-Voicemail.pdf

  • Size

    72KB

  • MD5

    17f7d8c5859e45b196a0c6728a3e45cf

  • SHA1

    4c6cc2c9c0762494922ce0da4884953a861cee50

  • SHA256

    0a99dcb4d6465d22a857396d0de737b2780a900bcea8992386b801cf2076e0ef

  • SHA512

    b1ff36bca94c7a9aef2473db5890198b6effd06b91b19b5eec7cc21fff1ac0e3ec2925ff7fdbd762fee1186412faaabd03ed00a1b92b3a7992d27b2ed18c0770

  • SSDEEP

    1536:kONCqgprCVh2yoWbv2wt9VUJsi6lgDxQIoBY2jKSBcQeP:kOcLpiRn2wCJGSNpoBYKK6cNP

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\RingCentral_e-Voicemail.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1912

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    79e008b653b041e622b40dba7ebdb6c8

    SHA1

    95a680ce4aa634eaa7a88ffcda38fb9c68bea490

    SHA256

    91c550ed494ca78f44838ae11f2f6eb73803e26746afd258cb84c602aeaef5a6

    SHA512

    642da0cd9e9ebfa1ec6085a5c3d2d52903c1be927e026a489c4fcdbfbc205b1867dac568fba601af27d02b27c1d5bcc5c0fcf766acab4d52f24686d633119428