66d98baccf204383ee64d744e01305be78428acb6218042f8bdea6bcda82a8b6 | Triage

Analysis

max time kernel
120s
max time network
123s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
14-07-2024 17:26

Sharing

Report Analysis Logs

General

Target

Docs/REAPER Quick Start.pdf
Size

98KB
MD5

1bddb792fec19750ccbbb8352b2b8ffe
SHA1

dd300cb011e0d9abd57f41503e31367167fddd68
SHA256

58045223424d936adcefc09c06f635c30a1aaba0335fc5d5954b43833b53fd72
SHA512

1438030735aa9549e13b2e275210a9c6bb825329acd568d8c38f8debe04474ce01be5e44ef6b76913d47b59d33c58954615754cffbce67de04f9ccbaa8341631
SSDEEP

1536:loTqjohGkVSC9aZHu40Y7w58PxeVPM6b24k8frIP4T8m0qd4gBE:1lHfEU03kPm8m0qzBE

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2700	AcroRd32.exe

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
2700	AcroRd32.exe
2700	AcroRd32.exe
2700	AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Docs\REAPER Quick Start.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2700

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

Filesize
3KB

MD5
4c1c5cf2ad779cfda20dde213b291c2b

SHA1
9a35fafd3e4e802f192346a32c939e875144eb43

SHA256
c804abe77794a749c0c329a999d3a30374e07aa5d630dda45942fc001c32d70b

SHA512
318f9d7cd01417b6ec4ebaac0ad755247565307639046ebb62f0e09d4e0316fc338aeff101c99ca088c4b93a797dbd4a2cbea8b012c20bd43f9e0182b412d09f

Download Submit