Overview

overview

1

Static

static

1

aa5.pdf

windows7-x64

1

aa5.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    25/06/2024, 04:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    aa5.pdf

  • Size

    174KB

  • MD5

    701289ec427ba77024d3a89e719247bd

  • SHA1

    141b2d090995739a5f448cbaab9c2273c1cfdf1f

  • SHA256

    df3be501188e7c21e5df2db37e23dc000498e6417f31b8f8a724975f59586ff9

  • SHA512

    092c4b5364c14e32d569bf05cb02ab1b90bea56238c233f9da0640eaadb4a1e7b9e4282ca4bd23312a5f7e07df2b41001297eaa9e0ad4320373197af6d3c14e1

  • SSDEEP

    3072:7Jp/QzgaPJ2FHnVVWrVvlR+zcX7VlyyBpW+55/dPuwC/4vc2FYPb51plsSsG:HaJ2FH7W/R+z6Vc2pJbur/Qc2FAN1plr

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\aa5.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2988

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    390bc9d088cd1cb01b82797f8c0cacc1

    SHA1

    f5c2d28db43932bb9dd9dc4f3ef17512b8149e8f

    SHA256

    040eedb48a593b3ee877b01decbc4a6e5443c04c74543210b1d8fc6e4cd18ecb

    SHA512

    5dcefb1d58f11613e8152d83861d50042f9df9e90d507a483628753d6c6c2ae8273781f96000a34cb60de294a11e7639b164775e4ba5fd0c81dc301a8baab4f3

    Download Submit