Analysis
max time kernel: 94s
max time network: 17s
platform: windows7_x64
resource: win7-20240705-en
resource tags: arch:x64, arch:x86, image:win7-20240705-en, locale:en-us, os:windows7-x64, system
submitted: 09-07-2024 11:55
Behavioral tasks
behavioral1: Sample CV_zheregelya.pdf, Resource win7-20240705-en
behavioral2: Sample CV_zheregelya.pdf, Resource win10v2004-20240704-en
behavioral3: Sample CV_zheregelya.pdf.lnk, Resource win7-20240704-en
behavioral4: Sample CV_zheregelya.pdf.lnk, Resource win10v2004-20240704-en
behavioral5: Sample cv.exe, Resource win7-20240705-en
behavioral6: Sample cv.exe, Resource win10v2004-20240704-en
behavioral7: Sample version.dll, Resource win7-20240705-en
behavioral8: Sample version.dll, Resource win10v2004-20240708-en
General
Target: CV_zheregelya.pdf
Size: 84KB
MD5: f6b83cce436b395dd88247e02f0486b3
SHA1: 4aca0afa9f5690834929ff7d2cf88d2c9104d90e
SHA256: 70326b666d8af10edf5511458fa68d50c019b2d9b7e78307a213699c6f56ae59
SHA512: 6ad68b15141a3d7dc9cbcb7b31bd3cae8c576ebe636b5a2695559916c304b3c6192d78e714868eead863e3af71ed5322908f7c3f7ee10bcc8cf76202778ed142
SSDEEP: 1536:x+pvVo2dsm2q+7EcSXzX/KWOkNRdvMk++Y2VdRRw:x+pt/dT2q+Yr/KWDDU2w
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
Processes: AcroRd32.exe
pid 3068, process AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
Processes: AcroRd32.exe
pid 3068, process AcroRd32.exe
pid 3068, process AcroRd32.exe
pid 3068, process AcroRd32.exe
Downloads
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
Filesize: 3KB
MD5: d14e900275efe45e3922efbf8c98234b
SHA1: 1102591970f480a27de3fb94405d1f3e851d865f
SHA256: d4bee2fcbb2a00e647bc1be0618b7a3c124954aa2ea65bba6f4fed03666b915b
SHA512: 7ce872be623b8dcbb6f3e5dbe74bd5eef2fe0ff34fad293c6f94880d625a85f82da7a023df8a557272257644cc4b29b12081a906cf509aa076e1ccc0707fe678