Overview

overview

4

Static

static

4

Kalb Edgar PM.pdf

windows7-x64

1

Kalb Edgar PM.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    146s
  • max time network
    143s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    03/07/2024, 20:49

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    Kalb Edgar PM.pdf

  • Size

    626KB

  • MD5

    0adf70523b2c8d75538f5ccda3c9b898

  • SHA1

    e3f39f6b75b6cc2917d060e095b08b1c17148c20

  • SHA256

    9f7b647932a7c58819b1e8129377b23b64cb28b10c94caf2cb98bd43698ec1ab

  • SHA512

    e907652b37ce319b12747d3465195b5fc64085f511fb70fa54428ce46a491141221cfbeb5bd9405a133b99bbf3d7e5318f246e19ea34c741d5e135c9d76c42e1

  • SSDEEP

    12288:5NVdLthQZ055hZ9b0Gim30sywNrxiJPTV9eTap1mGn9ZJJJJJJJJJJJJJJJ4X2JX:5NVdLthT55f9KSyklilPeTaPJJJJJJJh

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 11 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Kalb Edgar PM.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1848
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.linkedin.com/in/edgar-kalb-78aa6920/
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2360
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2360 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2336

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          902b2649960caade0f1af5891941ad8e

          SHA1

          e3507d4ce6062c2ae5811b872fd00b9a07d56bfb

          SHA256

          33ba018e9e70c30c1d7c7ad3afcd68cb17f25595bcf8671e52e1d491adf9178a

          SHA512

          440b6b13f87a1850e74406464bb60aecb122a9c0c1491cf38fae011ab697daf800373acf4633a09b3d11929b28eae1ebb6f29a929943409b4693a3e721d587b0

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          8c1c51811b5603fb309e6151daec69a2

          SHA1

          55c0da49d31413326697616559641f345da99a02

          SHA256

          91de9dbfb02de87b118265bc9248983cf98b91002b496f659b1a15432c53d768

          SHA512

          37a5b1757d577d9ba0e588deadfbd312af5ec0b279e3e5034d5d1da43926222c07dfb20620734c34e863d8b9ca7e96ff481cea38b64785b387964101f7a531d2

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          89cc4986e3ebd5b1ab9311650e0ea20d

          SHA1

          1793ffa5f5e609a87106fa7401d763b7a6ec9d0d

          SHA256

          75e5fdd3d071096cb50e0fdc8925ab2c4e56c874c3abe053e0d59fcf12d2083f

          SHA512

          13766d87ba6bed6dbab01492954c09da6527d25625dfe6f999fa6a561947eb6875a89aa394a06f306a1af373d7b38a6463f6dec864f8ff6619c6d3a6b1762007

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          5f69918c6c9f5b50e61b3da9cf565f2d

          SHA1

          c6c8cc9bae2e8cabe76115ce73f8386473d55616

          SHA256

          8cc1c9de4ef7f079cb1d6094d6a215f063fd6b5807760ddc5b8c326f95d76926

          SHA512

          ec8cf4c523dc7bcca68513f26ecbb2b288d0a4c2a68277a81feb64fb2358792820580ce495c57dfeaa0703ea31c958d627dd1defc8b780fd6f6a327f48d694f7

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          6d1ff3cbbf130b499c0e530a8843078d

          SHA1

          07c00ceb25139514c59d2d2b67c613429d71a370

          SHA256

          3e38d780534bc957908c2b32b6579451e3c073dd72b470c6b9bc241f3c0aa1a4

          SHA512

          9ec23c259a151f0a99289f30bd36b583cc1924d3ab6aa00994b854aa4002ee2af8c2e1a279ff6b6b4c1d15007b7e9cb30533e4ce68d027784498e8ed671589cb

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          9a587300d5651fa63814961fb5a15250

          SHA1

          d99cf6e71cad90e6297968f7eb7ac92c38c09353

          SHA256

          b60bb06c9f66b48d7a724964c3ad864deee0e75637f3281e79ae9b46cda74eea

          SHA512

          a3e8d4de265d7c7e484e38200c8b742168d294adb1fcc955fccd7a8f37f21c88858bc27d3abff57d44e4158a0a1cbd019408df70da16111f17e1c476b7d39072

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          c4bb83c073baa7184628815a3d74fb24

          SHA1

          b2f5406349688179a3bb15ebec3d0e48d10b9c4e

          SHA256

          abad88799ff598ee8500c916cb7d3fc5be8f1399a09e97cbc0f18d52862e3567

          SHA512

          b13acdde86d8a385277fa44a08bd9d4e3fbdabbfb2c30231263e07ec98fc0f99c997ed979a48b16606a59c023652d73cf89a34d9798cc7236142a5e359898d6c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          344B

          MD5

          ecedd297052e42ca39bfdff93048d69d

          SHA1

          2f14033684ea6080b397ede0ff570e3b69054f32

          SHA256

          64fb27c76586b53d65e3e3b6469181f8faf22cfafca8b1a058f81833f71c270c

          SHA512

          0e7fff10810eea5c0edada609c00145570699b3a4e60f0a2ec1fc72321f1e2d2c82fb877d51a2652118230e85322cece92edbee4bf557ec411e4175b6855f217

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\sxsuh4u\imagestore.dat
          Filesize

          24KB

          MD5

          c20b745b7507a787c0c15af303aa357d

          SHA1

          c4387055a9c95589f850af6bd93c0b375e7c5c6b

          SHA256

          a861a1971763d47b80e02889b53f62ae3dbfd7388b211424fe513d44ac591b1c

          SHA512

          4b3601c5179483e9bda5ff0c4c75a8336f31f9df446299b6f568bc14394ee938e598edeabae9a058266400b786376a773033a35337ad01bbc1840bd93d0f8eaa

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\sxsuh4u\imagestore.dat
          Filesize

          49KB

          MD5

          8b83e07b51c6b11ae8c5a455afc4f218

          SHA1

          73ead09db3a768e810033ce3903bba9589f050be

          SHA256

          10931e8e3894bbe85b3c7071385ba605c3a937378cf5219f8c0301b1809fa59c

          SHA512

          84f35bd96c322db1f15f91a35a2c69ad4342bcae8a9e8b14eb42066ea5b0529d2e40b0274b775b3ff6562b3afd8ad8368fc2251b80f4f9b7c2f2daf9decc74bb

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EDQW9R5V\favicon[1].ico
          Filesize

          24KB

          MD5

          b2ccd167c908a44e1dd69df79382286a

          SHA1

          d9349f1bdcf3c1556cd77ae1f0029475596342aa

          SHA256

          19b079c09197fba68d021fa3ba394ec91703909ffd237efa3eb9a2bca13148ec

          SHA512

          a95feb4454f74d54157e69d1491836655f2fee7991f0f258587e80014f11e2898d466a6d57a574f59f6e155872218829a1a3dc1ad5f078b486e594e08f5a6f8d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CabE94.tmp
          Filesize

          65KB

          MD5

          ac05d27423a85adc1622c714f2cb6184

          SHA1

          b0fe2b1abddb97837ea0195be70ab2ff14d43198

          SHA256

          c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

          SHA512

          6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar109E.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\TarE93.tmp
          Filesize

          171KB

          MD5

          9c0c641c06238516f27941aa1166d427

          SHA1

          64cd549fb8cf014fcd9312aa7a5b023847b6c977

          SHA256

          4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

          SHA512

          936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

          Download Submit

        • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
          Filesize

          3KB

          MD5

          428da0954a3848bee941a9d47c427b9c

          SHA1

          2aaf88e6fe971d691cf407bef173a1007430b3b7

          SHA256

          3110b11136b673c0d05e885cf5f4f7cc4a4e64868c862bf834d05ea5241cf8c9

          SHA512

          66984cf9422b1452c23550bec617a412b26a77796f9b5002bdc8bb5fac3a12a1b06e77c731bdb20e42fe45e23412cad14cde7e35067388f8c987883db43b57f9

          Download Submit