Analysis
-
max time kernel
120s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
29-06-2024 20:22
Behavioral task
behavioral1
Sample
3a804877110d9b9ef5a57d7deb3b1844e6d9bbfd904a52710a52ffceeae8184c.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
3a804877110d9b9ef5a57d7deb3b1844e6d9bbfd904a52710a52ffceeae8184c.pdf
Resource
win10v2004-20240226-en
General
-
Target
3a804877110d9b9ef5a57d7deb3b1844e6d9bbfd904a52710a52ffceeae8184c.pdf
-
Size
76KB
-
MD5
9d554349ac12fea39ee054c380952061
-
SHA1
9aba37a06466bf5ddee4aa921acd38f6e4ac3de4
-
SHA256
3a804877110d9b9ef5a57d7deb3b1844e6d9bbfd904a52710a52ffceeae8184c
-
SHA512
687d990c7548814b0dfe4315c437f1e83f183a631a1234a6eed7e78f7bf913643406ef1f05e91f1e9b1992c2b5fd3531f5a0e954108edc12bbdcf510c6d344e6
-
SSDEEP
1536:KdwNg71n7ZTtg9o79iEX0vKFFe6x1UDttidXUb2JTZF4j5jLT2mjE:pu17ZTJ0vK/74cdEWYj1H2x
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exe
pid process
3048 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exe
pid process
3048 AcroRd32.exe
3048 AcroRd32.exe
3048 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\3a804877110d9b9ef5a57d7deb3b1844e6d9bbfd904a52710a52ffceeae8184c.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
-
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
Filesize
3KB
MD5
f987cce9aa99ffa1046061c3d5cea5ff
SHA1
48c51521ab911de02d95fe18c863a274c31b0bba
SHA256
b5465a840cfa5ff202bc892b950decb2aba7978dffe1c85d372f5c2d47ce28f3
SHA512
03e1572593556c2ce49e2c0b4758d81b805aa7da748e6c8549f5f638866f0f398bab471771d470a051f5c37c0e8eef4fd3c8c1fb93e8b355fe745cb13ca1c77b