abaa92747c0606f467a986c56b6b9cdb9897fd2327f9a865d3a0a2120e118782 | Triage

Analysis

max time kernel
94s
max time network
17s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
23/07/2024, 11:03

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

aa90941907dd2587536d068ec0cdecd0N.pdf
Size

49KB
MD5

aa90941907dd2587536d068ec0cdecd0
SHA1

f8fa797208c3b4004cfa17059d666673c2e85577
SHA256

abaa92747c0606f467a986c56b6b9cdb9897fd2327f9a865d3a0a2120e118782
SHA512

00bb3f2b5520cc51035ef68d0f3d65b888e83c8d231bab342d95f45b7132bb516b6305ff42890778b75c28eb9f0fcdc44bab953f1f961b1e6bcc804c6823c42f
SSDEEP

1536:xVfj84BV5jlZ8DgWcDHSog8LSUSb+TbPtk:xVfj8UBZ8DgWeS8LSUokbW

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
1696	AcroRd32.exe

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
1696	AcroRd32.exe
1696	AcroRd32.exe
1696	AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\aa90941907dd2587536d068ec0cdecd0N.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1696

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

Filesize
3KB

MD5
8a64e13f38a7d4e595b0f06739158357

SHA1
66a44bf29099a281a994d18f975c345608bd52d2

SHA256
4af63cefaa9872ce50de2393af01b4ee2149db5573d71abc8552d54024b16b5e

SHA512
4fed4979df0be355b74150c401a718be991e0457ec1b754b7737e359b43df6c548efd6292165f31f5e29f58829e4097e69cf6238adaf120b1f778a790daf28e7

Download Submit