Overview

overview

3

Static

static

3

Bauwerk_Pa...de.pdf

windows7-x64

1

Bauwerk_Pa...de.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
  • submitted
    28/06/2024, 08:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bauwerk_Parkett_Pricelist_2024_CH_de.pdf

  • Size

    2.5MB

  • MD5

    caaf385eea54431f21e8f341ff30bb35

  • SHA1

    1baefa22cf07d8ddfacb63e85e0b4357fb44b41e

  • SHA256

    b2e2b69e7c79ba96b6ae538de6e0c83d2706f18606b067161458ef7fd4b1f8f2

  • SHA512

    7b208749989c4c15fa243bf6fc4d7b0d4aeb074394c3f4905d230f48297aba8b601c4bc72124c33e7f85b1d7034c2c54c05215ef05ba8ebfb8bb09bfcb253999

  • SSDEEP

    49152:bE/2ZoUgioky7P3RNi/TrbHQ0lZw+EBywYMGs5+GHQYTzzP+1:4uyUpoxLW/TrbHZ2B9YMGsUy9T8

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Bauwerk_Parkett_Pricelist_2024_CH_de.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2208

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    1e3e4160c36192014e6254bf945d5b7c

    SHA1

    aab65df82b4a7e3612f50b2b735e6b795e36ce12

    SHA256

    f11c542010cd0ed2dbd7a97545478a37113bef7497adc0fb9eb415c6d2290c5e

    SHA512

    87fe0337069e2af989932a9daaf3ea01c7660dfdae5ecc0d928812476c8df0b290438f60520edfb107ef8240b3e0dc9e1bda4aeb6fe0662a8f27a6d7dae4331f

    Download Submit