Analysis

  • max time kernel
    117s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    25-06-2024 16:24

General

  • Target

    FA20698, Werner Ronner, 28.06.24.pdf

  • Size

    308KB

  • MD5

    52fcdba01cfc8e373c651f85cc06ee27

  • SHA1

    85e946d0f5abb5c982033538e099d40a66753125

  • SHA256

    91649099a7724ee05a9c01df506f09e143c9018472855c09f53336cf2f4393f6

  • SHA512

    ce0f17acb8e0eb3f60a1df5bbfaf1af6a2564b3da4144229d30ee37b3a340ca0a52ad57fa435d0170b855363c58bbd00fa4512d8abde9a55f44186ef62d8a77f

  • SSDEEP

    6144:bdKhxWJZM6XIRwfZeuiUVYKdj1JcWABLOctIJKv6EtQaPdVBGTipmniGU/SFbf:bdMSZM6YRws7UVYKdM5LHtIJKNBXei/w

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\FA20698, Werner Ronner, 28.06.24.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2168

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    cb4db7d33e09c659c5b6fbc1c0aab6e7

    SHA1

    2b78f331bc1a593802e3a8eb09147acfea20797b

    SHA256

    3c30f879a9d4fe7ea9d21cf59da7566891e2f3dbcb1056b3350649b167e12c94

    SHA512

    60dccab06912c3dd1d6bcf1741a6a6591c653ffdc83b7fcb5dffabc7f61741d3a15a04bfe3944d48fb6b4817b99bef86a8898c977864cab1dce9604b18611ae0