f60c7fae216cd4c6315e9dc8daba4df3da54c7fd75d1e9648bc9fb8caf17f8ce | Triage

Analysis

max time kernel
118s
max time network
120s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
16/07/2024, 02:59

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

582bb309369f99ce848a190ffcbea8e0N.pdf
Size

252KB
MD5

582bb309369f99ce848a190ffcbea8e0
SHA1

d8749e73ed0d1b6ae00e8bbd44373eab5ca8e309
SHA256

f60c7fae216cd4c6315e9dc8daba4df3da54c7fd75d1e9648bc9fb8caf17f8ce
SHA512

c5d75fa6e2de9a14fcb1de9b7f6e476d71a67538e131823c7d1df2eb5842c43f92a672607b6677ae7b1f097f70265b08b1d84470f30ae04b00b16b60f8e970eb
SSDEEP

6144:bZHOOQb/7F19ZylMt3q03AEVlJgDQiDtvfsXlqK9x:VObjF19Ft3qPEVMDVfQ

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2820	AcroRd32.exe

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
2820	AcroRd32.exe
2820	AcroRd32.exe
2820	AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\582bb309369f99ce848a190ffcbea8e0N.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2820

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

Filesize
3KB

MD5
8b965c0ac06d8acf5d70ce599e3b9099

SHA1
36e4e324222916e7709d48190f22472ecf4ef3a8

SHA256
f4dc4fee3d707073b095c95bade936aed7e843dd95c2cbdc396eba202e8bb4db

SHA512
f0d6ebd9b0699cbafd895a2100eb1816899d444c2a928eb144f1f4116f0503538051bc4ea9fd847d01f3e1c281109cf15638b2ad9611ba3c7cdb3f757c9e5cc2

Download Submit