One Million British Pounds.pdf| Category | Machine | Started | Completed |
|---|---|---|---|
| FILE | s1_win7_x6403_us | Aug. 16, 2021, 6:10 p.m. | Aug. 16, 2021, 6:12 p.m. |
-
AcroRd32.exe "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\test22\AppData\Local\Temp\One Million British Pounds.pdf"
1936
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| No hosts contacted. | ||
| IP Address | Status | Action |
|---|---|---|
| 164.124.101.2 | Active | Moloch |
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
| request | GET http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/280_20_6_20042.zip |
| request | GET http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/278_20_6_20042.zip |
| request | GET http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/281_20_6_20042.zip |
| request | GET http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/277_20_6_20042.zip |
| request | GET http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/message.zip |
| cmdline | "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043 |
| MicroWorld-eScan | Trojan.GenericKD.46789183 |
| FireEye | Trojan.GenericKD.46789183 |
| ALYac | Trojan.GenericKD.46789183 |
| Arcabit | Trojan.Generic.D2C9F23F |
| ESET-NOD32 | PDF/Fraud.BAB |
| BitDefender | Trojan.GenericKD.46789183 |
| Tencent | Win32.Trojan.Generic.Hufu |
| Ad-Aware | Trojan.GenericKD.46789183 |
| Comodo | .UnclassifiedMalware@0 |
| McAfee-GW-Edition | RDN/Generic.dx |
| Emsisoft | Trojan.GenericKD.46789183 (B) |
| MAX | malware (ai score=80) |
| Gridinsoft | Trojan.U.Gen.oa |
| GData | Trojan.GenericKD.46789183 |
| McAfee | RDN/Generic.dx |
| Yandex | Trojan.Porter.bWoAYN.6 |
| Ikarus | Trojan.PDF.Fraud |
| parent_process | acrord32.exe | martian_process | "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043 | ||||||