Resubmissions

04-07-2024 17:49

240704-wec3ma1cpk 3

04-07-2024 17:31

240704-v3regszgkl 3

Analysis

  • max time kernel
    122s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240611-en locale:en-us os:windows7-x64 system
  • submitted
    04-07-2024 17:31

General

  • Target

    UNILEVER BELGIUM NV (1).pdf

  • Size

    85KB

  • MD5

    5bcabb888cbbfeedcc18bead34473efa

  • SHA1

    ced78dcdbc9d11ad9d901934f9e50c84d4d388c0

  • SHA256

    35bdb3bec6505439679eb66167b76b05468e7891252e191ed8f937f9f42a7447

  • SHA512

    72a5d03632e930ccfdf0e18122eff40fe91ecc4374d281f05be1b31bc97c48a8e92cff280f441e3bbe08486c5eaf1f744db681bbc6f38d6f1e9f046249251e27

  • SSDEEP

    1536:efLFbie062QqnWhBp4bOSZp51ALi6B4XrIk/mkT2c1/4leufXwl:ef8ekruByb5p51L6MrIk+kT2kvz

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\UNILEVER BELGIUM NV (1).pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2384

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    9d5cb7ee56461dc2b479021adb67e4db

    SHA1

    a6044e16ad3b1b6b23ef0351a416e2f0ad74363c

    SHA256

    69e5a32ce89b4ccf460137249f73fc7d3eeed11709cbb91fdc2e47dc05eb3c08

    SHA512

    fca8f0c8f2af614eee229619d174215bb9d3c7076ec419c8225cf54e055f1b1a598c658293bbfdb131ec705405ab5b49cf2603191c59152a95cb24e769dc7945