Analysis

  • max time kernel
    121s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    01-07-2024 00:20

General

  • Target

    re-00300.pdf

  • Size

    284KB

  • MD5

    56f431b17f25859adcb1a9d561053014

  • SHA1

    2f153bb52acd248bff43f9ad43e4ac058ce99272

  • SHA256

    2335395a05afa8bf1ccbc29628b8977e40ae0c4f5d985607041b92f5e1983494

  • SHA512

    0cdf0e7f16d83ff6e28bb9860549c94788e9cf718345ae7eaa05b9a73ac61b19325f430152841395f16250a8e555449b32129db3487f0bd8e80978d72f66ac1e

  • SSDEEP

    6144:zyyRI1I8zE+MIIIIIIIIIBTnZhfGwC4C7AM2V2a/ccccccccccccccccccccccco:zyyRMI8IdIIIIIIIIIlnZhOv4C7Tcbcq

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\re-00300.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2476

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    3045d55cfdf2aa33971ec7cf4ece6548

    SHA1

    a0a253c3fa5a69eb2dd320ea073769bb485faf39

    SHA256

    4568a46fd0ce2ecd2482106f1bb4f76ee68e32e40c0bce5659f116083ca5b190

    SHA512

    7faff7b5e56d4722ee9eed2ae37e69e54ec47d7d1743f01493711e7ea64cfbcbd29b097c468cf64422d18a941923e1df496ddb8c67b724737e9753284977acba