Overview

overview

3

Static

static

3

Material.pdf

windows7-x64

1

Material.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    361s
  • max time network
    364s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    23-07-2024 01:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Material.pdf

  • Size

    350KB

  • MD5

    72c812cf21909a48eb9cceb9e04b865d

  • SHA1

    2dc265f23be4cf7cda328bdf5826601cf4f4bf43

  • SHA256

    39fb927c32221134a423760c5d1f58bca4cbbcc87c891c79e390a22b63608eb4

  • SHA512

    dd246487f348dbba52c7dfaae3f943b0324414c182e0de862db7d23e82ab5362c21b8733cf84af466529c631938fc544d96d78c51ea4330877993e9da7e5cbd3

  • SSDEEP

    6144:zB1De0g/RC7lTqMAwraJOZMtXEHJGPSgwsTx/xE99jvQrZqZDxlK0oZ9TK2A6CO8:6+lq1wWAZMtUHJGPksFJYtdlK5TXuWM

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 10 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Material.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2104
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" https://a.pomf.cat/hgfetb.R11
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2168
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2168 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2792

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    816d51f9b84dfab675af77863b2cae8c

    SHA1

    8f4ce2ee963ef6ec546b578ed0fdfa7636d85bd4

    SHA256

    4e6666e7197b94e990032dab869c35d781678fe565fd94661996c3c4514b80be

    SHA512

    1cd3de1002272284e0c0dc5468007b9d88122a6696d04a84f53c7366869b2e9dd22f4c8138f36c2f2307faca5533094f86de4224aac7159fd22f534f3168a6ce

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    21c01db41b11101d635167a2c3a2d8bc

    SHA1

    de53e677fa4b461a189bd83f961b2a97fed7fdcb

    SHA256

    41612d0c24d70bbd40cb830fc49958325a35f07c2e5e81069a9679629506c137

    SHA512

    d9e1c7ac9d131009abe9000f72e0cfda35be6f601b6d4bbe7dfa23c630d6ab9d13e79264209be79c2f30d230742f4645c955555b064bb2e7b24ecf05d3868672

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6c4f6ca0a33e18a97b2c55d36c49332c

    SHA1

    1f40323bb63857f137cd25ff7fe66b1eee7c5632

    SHA256

    b24c4b961eb98d98c5228fc08264de1e156c76b6b40ddd98ee90037f7eb3ef79

    SHA512

    30e6bf250e28ea9080ae38514c1634f9cb644d8ef205183b6e2d1243d011f3a86a446a6ed5b430275c2bfdf02d7a1c5703356b250342ed681799b255cd7aa4fc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    7e358c110a365de9067fdd3acf73f62e

    SHA1

    6528c93c96c6c551f5a2283dcdab384469dbbde9

    SHA256

    9cad050a8712a1e006a7d0d4a9e5e38cdf5d51ebe60766fea3611dc99bfcbe0a

    SHA512

    e1ad34eb575bece155197a6003476f254dc5bf85c8ba45953a7eed6dc97d6f3fea6520aa2effeb3b9a6d280368b557ebe32a2fe773f1258e849e8263df803884

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    54a3f4e65303cbd8b2c7e31d3bf8d8f8

    SHA1

    3e0b0dcff932aca9e26856ffd0da5d3130df3af9

    SHA256

    22d4c7c68b1e7696f767aaf6199ada3b0e9eee0d8591169dd36dd666bc0bf55d

    SHA512

    8d8a1b6b415838ff3bf5500c2c12ac93bac575c66182a5a5ad13e9f3c632ce0b0f9afad5e454199692342bd84f77312349cbf98768c7dab204d491a98c962cc9

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    71cbc3610169888d3e421319fa84c515

    SHA1

    43dd95e664998ab569057950f9aeaf0819b064f7

    SHA256

    7da344bd49aa2668b547831268346ff9b4e2eced63e808dc3b37ca9891a32d48

    SHA512

    b5afb15ff094fda10234d6e5d87edc1357ee0a88c20ad9b56318e27ed723a5c2aba82be537a4b89e2b479311ea4b0d4c4e49b74a2380e05967a0143055f03118

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c5d4cebc3ce9a8d837b285dd3d8e9990

    SHA1

    d2d24d67056a0940a3697755bdbb76c9792865ee

    SHA256

    2c4464273c28d8d93e6edbe68d25ca97a97d20c6ef613c83f1e85d92dc050d5d

    SHA512

    5735228e9ab920e35400c655710a55149eb0157de3bd08ad409cc736e9d715e9e6c7446582919e1fdd6376a4aec538eb745e14426fe4f28648183a4ba9bc3b32

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    c752b777e6392a4fbad8284f9cb42eec

    SHA1

    a8c4ae11a1d8f52a6a7d7f82595d397cd34a1542

    SHA256

    bc95bc5e363e6e8ab3f770fed60f307161f71c9806a35e796edd34aab5e842e6

    SHA512

    332ad892fd0343eb59fef9a85cf24896e46bf8c2dfcf7d249d9997fd88cc2803014af706a4e08727a48949debfe75977faf9c816627d118328d4fd53649798bd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    0f96a443a97b02c81c1119b495650599

    SHA1

    3628cdf7a438cdb15e31ace5ef974f51bf876ab5

    SHA256

    1220766b3364efbfc3ccac29b98f16f2a2e8be1f6f1ddff3ed07820a8e42172a

    SHA512

    119ea77c9087eccb3a55d6eef51b425fc691c0e0f9d083510cecf0cfb163a441b701e2bfc7e0a783ab918f8f75e94403dcf5bcb1b75dea3933f6085b79b294ab

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    4a134f803aaaf6ab8056c690c1c36239

    SHA1

    d253343e75f2e9ff24fc730e86f4ef2ee6d67da9

    SHA256

    9c9d4a6add6890d654d9eb5582483bac2b9b88cac61372e11aa033cbeb490f44

    SHA512

    02281c474540ccec48c4758fc16a40d547bf896791034c86cc71bbe06f9039d741e6de0c5e15facf65730fef336296290d8b72b58dc679b04f4abfd8440ff4a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    387e308ec5783ec6e0f1e9cbe62126b8

    SHA1

    5a054bb5c1810d3836fe6ea910dc8b460881ab65

    SHA256

    250945470170c99da7aa7bcaf35e9701eb7db62c02cd505201cddd4bafcc133c

    SHA512

    e1f832bb93606084a1fc6ca6d6fcb42efbf2e950b22e285b9fc6f7e24f19d9295fb86eaed2ad541e12c0984b91077674fad6197759b4f04ede1597db54c0d562

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d941545d14ca7eb56676f57db76fa523

    SHA1

    10058f305cf68f69c44651af16110a6e3cc631c9

    SHA256

    7a4ee31fc43f745729f9f68c982e7ad00a47762ebc38b9cd8819c70de7372adb

    SHA512

    670fb9aec3a06ea3faaf67e0b107d884f4d9921b87d053873ca54508caa3c812ba3ae2ecf2c955e3640604a87c4f56fd6b8a585eea18d6a3a00358406281b9e5

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    e02f93b128cda81ad4a4d848315f3fc8

    SHA1

    0c44467f7a24e102af46e5da3db98359f2bf7424

    SHA256

    7a932bc54e8061181f2c7addcdd95c70a6d45084b16c0a214943629365545b0c

    SHA512

    62a71090788880308c4c54e0de53d08a75d5f62573c578cb36407026c76075c2ec58290ffc351c6ee058a6b9c2a253737605dc07381f7aa732ba3386498557bd

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5a31ea81efafc41fc6afac0459b2b7d7

    SHA1

    976b00c411e9a35bd8bd281320bd856cfaf2919b

    SHA256

    b6c5adeb2cbc15a407da681adb55b26501c4e04009e2bcc2787e26642e2590cb

    SHA512

    11c5647bacbad71d1654ee917e35a656dc1cb5dc613b9abb04b26e1c3a3f0482d5c1a8d216af7841a032006775732b5cfe0c996dbb5f01d0904131293513dc8a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    8dec5341a1a39778a5cbf0989a40e674

    SHA1

    a271705ac7a8632b3ec04515a626b22b0dfe4227

    SHA256

    03bfacc8116c88570e0ef2cc524cc9765e94e1dbb3a69055410a4926c4b84522

    SHA512

    0441f999c2a5c4734da935a5dee5d3396bbd8f486183cb71e117dd6d0e924a0040d37fcba7dd3e37b2fa7144a422a61189b0762b22189f1ad414aee4f738ce7a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    9731a512e1a1a15c9fbc7bfcdc9c0cfa

    SHA1

    6e68fe07f0a31634d59e2f1602e0534352179d9d

    SHA256

    218ba3883d16c44c1c28463b4fe2a699f8986a14705d6998d08dd40db6b31553

    SHA512

    cccdc980837b1b60abfd89d02b1a305b187828e3a0f33d114b6c5d323c1599bb2a33b62bd47aa50f43c4bdc1648969a39ec3506bca123ffa33d4084cdefcaeec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5007ab4f41d2f33ba907ac96a5141191

    SHA1

    b466d12e260593d9cfaff9dcc15057bbe2b150c8

    SHA256

    7fd81e6e844f293dd1da2816a7bd5a0dc25ef650df8223d58730c75b7356c4ff

    SHA512

    a9165f03aadb03cd431f1c4dfadd185b760be8e1bed6df3ccce0c792d5a38d093cbf63eae87ac991613b5a77ba57d2cea9d1dc91d83eda529cd201741b59e730

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GA43GQEJ\favicon[1].ico
    Filesize

    110B

    MD5

    2f0c89ca994326968406f1921e505350

    SHA1

    fdfb093baeb7a48848b5476934c2ac9f0f81b680

    SHA256

    43006c85c7f69e9d1f8842a1597a7287b1d3a5654e49b0e9eff754b6241ad867

    SHA512

    be7f79e108d0fa9b5091e761216e465aba158e027aada36ba54bd714246247a976b93b2c5bf86fbd9a534505f3d290727ddec09563b0a9ce4904e13c82a35d46

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabA45B.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarA46E.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    89bb155e406eb657d2bf9366feb5a100

    SHA1

    6937ed106830b05496612578761974550811a281

    SHA256

    0700eb68a485810255146c1d24cebbd0592e1c5828034ee931f71e2de9039db5

    SHA512

    1f79dccf09ec7e626825ebb620ed9cb16d8b373ff33d6b4cd52c13aa579cf3eddcee532b1fe42a18ed4336029031f71e8ca9eae74438001ea8e5c3c81f99a9b6

    Download Submit