Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
  • submitted
    29-06-2024 18:43

General

  • Target

    b797f49ba630647880c25966c0bce1668fe76483e9371524ef29e2f241bb59c0_NeikiAnalytics.pdf

  • Size

    117KB

  • MD5

    5329d9ef0bfa8fc6669af517a27e5be0

  • SHA1

    ca34153136ed0e72c1436c10f380cf57866fb5ff

  • SHA256

    b797f49ba630647880c25966c0bce1668fe76483e9371524ef29e2f241bb59c0

  • SHA512

    f1461be24e160986bcc617df39f0b118d7f4ada340f7530b31373e1bfed0552eb40531f6b748b4c1f3ef4d21bcc4f45d3363f1ca18dc11c756f6fd42198c116d

  • SSDEEP

    3072:AT8G6NFMF5V4yIitoVHr1bwH+JYF4lGMTyqyyj5:AR5V5RyVHxw8

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\b797f49ba630647880c25966c0bce1668fe76483e9371524ef29e2f241bb59c0_NeikiAnalytics.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2132

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    e3e201a3a89c6b873b2c34503bb34b3b

    SHA1

    4583282a16ed2e23f5b4381eb16e87735702916c

    SHA256

    baa7e3fb93828c25e3bab53ae154a378b7ecd2bc2b886672953b8beefed303b0

    SHA512

    baff5b944987764e7a85086fa2023ba00d49c51321ab7d00c8a9e53b39f63108ae7d58191239767b0dc4a5892b78c97ca3db4aff7c2ac6335d8535430266c649