Analysis
-
max time kernel
118s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system -
submitted
29-06-2024 20:45
Behavioral task
behavioral1
Sample
44426e0c28d503340e360cd13bd4f170bd8a767cb3b08ee7da8641cba7602723.pdf
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
44426e0c28d503340e360cd13bd4f170bd8a767cb3b08ee7da8641cba7602723.pdf
Resource
win10v2004-20240508-en
General
-
Target
44426e0c28d503340e360cd13bd4f170bd8a767cb3b08ee7da8641cba7602723.pdf
-
Size
81KB
-
MD5
bf5bd71f4debad182778ccb90293d114
-
SHA1
72c80c78a794f7cb92df5e9f31405285b3dafda4
-
SHA256
44426e0c28d503340e360cd13bd4f170bd8a767cb3b08ee7da8641cba7602723
-
SHA512
5e848fc4517a2d75d21875c98f3aa7a44423a6d43e195b7358c5e206ee498158a5bb6a882b57117700b0244342611324d3857a0cb9df8da2629326e0e12885c0
-
SSDEEP
1536:hNhUu/lfKMOgt8qMl96kCI70ddwcPwAN4AQL08HOs5ZB1X9TWvbhx7Fqh:/jlfKNHnCIwscPVN4AQL0895Zz9Kbv7O
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exe
pid process
3008 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exe
pid process
3008 AcroRd32.exe
3008 AcroRd32.exe
3008 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\44426e0c28d503340e360cd13bd4f170bd8a767cb3b08ee7da8641cba7602723.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
-
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
Filesize
3KB
MD5
1508e87483cb0ed8ed8820c50b5d6fb9
SHA1
81b1d769ddec624ba96e62cfeeb7f215fa0361bd
SHA256
c6b8701e5c310b315e4a1152cee70d11e638f3df2f7b21a81963eefa3eb09068
SHA512
8d44fcea2cdcbca71c804365f5aecbebf7b4d9db3004af6283be9d9cc4d2f2243132830db492e7e075ec98c9f0b599bfe18f1ad5501df22f28ff35633a51eb00