Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system -
submitted
30-06-2024 00:35
Behavioral task
behavioral1
Sample
a47188d675283690ee0e6478f76496ef40173ae445d0c3e31343f69e6679e89d.pdf
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
a47188d675283690ee0e6478f76496ef40173ae445d0c3e31343f69e6679e89d.pdf
Resource
win10v2004-20240508-en
General
-
Target
a47188d675283690ee0e6478f76496ef40173ae445d0c3e31343f69e6679e89d.pdf
-
Size
83KB
-
MD5
c29bd761c7235edb28f5cfb7970e7d86
-
SHA1
3dd5a1e6072fa9578a4061eb690fb51765207d23
-
SHA256
a47188d675283690ee0e6478f76496ef40173ae445d0c3e31343f69e6679e89d
-
SHA512
8ddeaa598521f110ab8254f5842da830852716a5a8c1afc913a35b114df24188adfcad7b25c663bfc44b3b73b06e881e42de865475d045cbde3259172e4e9a94
-
SSDEEP
1536:fVWqHjR3z7guxAcUrJzFxjGozE7F+Xj2d3lURTPIjfz3d3rDsKLnG2qmwlYWC:dWqHjt8iAHxda+G3lkwbzxIKi2Vw8
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exe
pid process
1224 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes:
AcroRd32.exe
pid process
1224 AcroRd32.exe
1224 AcroRd32.exe
1224 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\a47188d675283690ee0e6478f76496ef40173ae445d0c3e31343f69e6679e89d.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
-
C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
Filesize
3KB
MD5
23241c6366446b7c95e1db53a65880fc
SHA1
b59b58a55b3768fc72ed85ec2ca1d1298172ac4d
SHA256
681a18f4352aa075242c2b74d5921800fe9303cb2681beb3ca8ff1afb240cd02
SHA512
c74947f844c60d52c31c525d99423c0a3164a0b9cbff8f9c73e5846c289a47e52a4b1b63dec98984e4db2953d435c0cda64293fe95be3f5bf5c04af510ce94ad