Overview

overview

1

Static

static

1

2024_Sem2_..._2.pdf

windows7-x64

2024_Sem2_..._2.pdf

windows10-2004-x64

1

Resubmissions

10/07/2024, 09:23

240710-lcfqma1hjc 1

10/07/2024, 09:18

240710-k9r99ayhnm 5

10/07/2024, 09:14

240710-k7pfks1enf 1

Analysis

  • max time kernel
    33s
  • max time network
    34s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    10/07/2024, 09:23

Sharing

Copy URL
Twitter E-mail

Errors

Reason
Machine shutdown
Report Analysis Logs

General

  • Target

    2024_Sem2_TT_Sec_2.pdf

  • Size

    316KB

  • MD5

    bd778e4f6cc9d817245854e09c99397d

  • SHA1

    c7fe76d88aa1460732f6f7377f6650f63776ff41

  • SHA256

    84abfd9ebe114cdd1fb8edd02e0955b63e9f2282a14c860a38af265fab4da5ad

  • SHA512

    5c2cf3f9f53bee6c65caf1bb567ae07533ae371da8c4da60dbb673690f202ebfe3c2abb9e7a68e3523d5e8b006b69bd20fc20b6f56c7946660f6dc5579795711

  • SSDEEP

    6144:YewchunfUE3kolTynNwMwOcpqPpvsoxRVgEhqRjknKMyiWgEkG0fNG413:Lql0NwWcpK/xjghMKkGENx13

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\2024_Sem2_TT_Sec_2.pdf"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:2088
  • C:\Windows\system32\LogonUI.exe
    "LogonUI.exe" /flags:0x0
    1⤵
      PID:2796
    • C:\Windows\system32\LogonUI.exe
      "LogonUI.exe" /flags:0x1
      1⤵
        PID:1636

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
        Filesize

        3KB

        MD5

        f9cb49670539870f80c248c99f31d066

        SHA1

        6af4332bf411cb0103518f785e71b62cc6b7053e

        SHA256

        2f1399d415b7d4e348458b5d08dd0b518962a022e47dea820ca90765cee0b01a

        SHA512

        49b602d987da72c077d008288c1f8fce6275b51145a73891c116ef99f2b83d5815b82b2cb3da452674deb0e716f7e3e0bc8fd24c8e6db01dc2809e58ecef9a8e

        Download Submit

      • memory/2796-16-0x0000000002F90000-0x0000000002F91000-memory.dmp

        Filesize

        4KB

        Download