Analysis
- max time kernel: 122s
- max time network: 124s
- platform: windows7_x64
- resource: win7-20240508-en
- resource tags: arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
- submitted: 30-06-2024 02:13
Behavioral task: behavioral1
- Sample: ce3b778302137262d43f2a7b0efc311dcd5dce516ea5eef2c3f034864903e22f.pdf
- Resource: win7-20240508-en
Behavioral task: behavioral2
- Sample: ce3b778302137262d43f2a7b0efc311dcd5dce516ea5eef2c3f034864903e22f.pdf
- Resource: win10v2004-20240508-en
General
- Target: ce3b778302137262d43f2a7b0efc311dcd5dce516ea5eef2c3f034864903e22f.pdf
- Size: 77KB
- MD5: 6a4c6788138ded7f899ab33579b02189
- SHA1: e859862d0f6b10974f5f8afa5f6ec305eb10983b
- SHA256: ce3b778302137262d43f2a7b0efc311dcd5dce516ea5eef2c3f034864903e22f
- SHA512: 2770c0423419ce24fe3cd79f7c6fbbce7bd2f9427090c442e15af5a0f1b14bb89be52a7ce35072936d67ffa96d97f93dac82ac94552213ac4b32a7c81d834975
- SSDEEP: 1536:HoBpNyNL+NI38jEIBb46H3q7TGQn8U+9Q41nPQF+ZqWXTZLKZ32O3:IBiLH04Bx+9Q4qFQfcp3
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  Processes: AcroRd32.exe
  pid 3016, process AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  Processes: AcroRd32.exe
  pid 3016, process AcroRd32.exe
  pid 3016, process AcroRd32.exe
  pid 3016, process AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ce3b778302137262d43f2a7b0efc311dcd5dce516ea5eef2c3f034864903e22f.pdf"
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
- C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
  Filesize: 3KB
  MD5: 05dd813085089d2401623bd4d53f66ef
  SHA1: 48629f15af7011e9d4aafb76d28f10f0713e8498
  SHA256: fb859a7ebc158ace66d3813bb623643153672cdc264b27619d0f55397175222d
  SHA512: 417905a6dc5dd1335357662de2e7255978012e4ecaa8b525a31805702007661e9aa41c00e35356e4055fdc88acfde21d677be2a6c3d0444e15daa11aa10dd87d