fd0d588f6cf305473f1d8bea80197dcff21b66988ad3d6b7bbf3aa721e5da5e4 | Triage

Analysis

max time kernel
119s
max time network
121s
platform
windows7_x64
resource
win7-20240611-en
resource tags

arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
submitted
25-06-2024 14:14

Sharing

Report Analysis Logs

General

Target

estimate.pdf
Size

45KB
MD5

9f4b9954f398d08344c2893dff66aa30
SHA1

e4a9f186e5d1f74137b3fcdf0768b83a8da68c6a
SHA256

fd0d588f6cf305473f1d8bea80197dcff21b66988ad3d6b7bbf3aa721e5da5e4
SHA512

fd5369832e619d384c24948fa0106e2f15fd9e529316b7f118d015a32c07c86efaae91f400b466f8ce87cfee1da201b7582ec17af14df04f7881a6deae0a74f6
SSDEEP

768:hadzrFgDCwxI3tbLL1MpMJ5sNxc9/JHXhNPe8tjFBjIJfH7kW04xy0:kfgm3tXRSM7XXhNPeyBwfHr

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2416	AcroRd32.exe

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
2416	AcroRd32.exe
2416	AcroRd32.exe
2416	AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\estimate.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2416

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

Filesize
3KB

MD5
8a3ac4feddd4e7264818c48c41719d1d

SHA1
23c7aa0f4f2e7d13a97b72834b3fa333e6247936

SHA256
ca654c079124215de32b429c9103b88adef1c560827e8623524a47a18e94137f

SHA512
8f071659ed9bcd6124200ab23f6a97a39a7582b602088eabc736703ddb2cd533ce051b44cdee764873a42e9d4f3e882860223b15bb7d48193c8a2bff11ad96a1

Download Submit