9d3f9637e64fa8f4591105e9e54ea236d2ac496454ee6c3b84cefbd124842f63 | Triage

Analysis

max time kernel
94s
max time network
16s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
20/07/2024, 06:06

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

597c80d502a992c30bb034859a8760c0N.pdf
Size

40KB
MD5

597c80d502a992c30bb034859a8760c0
SHA1

1f57689ac40dea3cbe930c9eca067e615898f11b
SHA256

9d3f9637e64fa8f4591105e9e54ea236d2ac496454ee6c3b84cefbd124842f63
SHA512

009e8db2c2ee48033fc65816e28a737c01e779beca736630860c4c6e465a6083c290add27e0b3f84a27b0158fb54dd9e44cd42bb10b3fd406f2928470e896f04
SSDEEP

768:svlfbopXCzelIjXNtYiX/tnxRiwHXCoF5w6a:svJbCXRlIrNaiX/tHiwHXJBa

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
2064	AcroRd32.exe

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
2064	AcroRd32.exe
2064	AcroRd32.exe
2064	AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\597c80d502a992c30bb034859a8760c0N.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2064

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

Filesize
3KB

MD5
4b112e4bfd702cca075a5d73f971c6cc

SHA1
9356f1c549ecf7f938ca7d1112bf8e6d5ff3668a

SHA256
9a5294396259432363e9bf0c6a1c254e985c0fcf4bd2230504ca0b3ff5c6bf65

SHA512
b7b850d993a8252526133d35f3648db1c3c450d9524c8d5d84f60707d178e1e75132074f3ecced579d63aad1934d48d6567bdd6f9196bcc2449493a70652c191

Download Submit