Analysis

  • max time kernel
    118s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240708-en locale:en-us os:windows7-x64 system
  • submitted
    12/07/2024, 20:59

General

  • Target

    INV-000001.pdf

  • Size

    19KB

  • MD5

    597687e4aacace4c319bae8b245488d9

  • SHA1

    ee66659bc6ff2ae61c24e5f4caa44bea46557f66

  • SHA256

    a64a76add933c13af364c18c1cd73246d65a7c2e103a851a58613c2e4237cefd

  • SHA512

    f8f13ade4f6516b11a0e5458b8411ddd4d6b48ebf33d9c37c62c5cbf6d4ad6948197a0690808156c20663ac7c44a0964722fa9bcf6f1604a2b496395bc996bb4

  • SSDEEP

    384:sCIf7SdZtvooDBjG/thEks/LrxqxDgHrt1kWHFotT9jctdABNhJW:G7MZtvhxJqeH51kWlojEABpW

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\INV-000001.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2876

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    32a11ecb250a6f99e6c627c514f2b127

    SHA1

    f5d845d209fb24c6cbfa7bebc34129f79c0310c7

    SHA256

    7f6bedb1dc0b70570da2d479f06647ade700cb74a86cca79ce2fcefa83dbb941

    SHA512

    a6c31ca780a971928a1af4538d1f72ceee816c65437c3314d7e40ade4c732f5c109eed5f571b690d85bd87d52700d32c89ece97239bf4a26ace14863515f9774