73687129598.pdf| Category | Machine | Started | Completed |
|---|---|---|---|
| FILE | s1_win7_x6403_us | June 16, 2023, 7:53 p.m. | June 16, 2023, 7:56 p.m. |
-
AcroRd32.exe "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" C:\Users\test22\AppData\Local\Temp\73687129598.pdf
1460
| Name | Response | Post-Analysis Lookup |
|---|---|---|
| No hosts contacted. | ||
| IP Address | Status | Action |
|---|---|---|
| 164.124.101.2 | Active | Moloch |
Suricata Alerts
No Suricata Alerts
Suricata TLS
No Suricata TLS
| request | GET http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/278_20_6_20042.zip |
| request | GET http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/280_20_6_20042.zip |
| request | GET http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/281_20_6_20042.zip |
| request | GET http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/277_20_6_20042.zip |
| request | GET http://acroipm2.adobe.com/20/rdr/ENU/win/nooem/none/consumer/message.zip |
| cmdline | "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043 |
| parent_process | acrord32.exe | martian_process | "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043 | ||||||
| Lionic | Trojan.PDF.Phishing.4!c |
| MicroWorld-eScan | Trojan.GenericKD.62693766 |
| FireEye | Trojan.GenericKD.62693766 |
| CAT-QuickHeal | PDF.Phishing.45103 |
| ALYac | Trojan.GenericKD.62693766 |
| Sangfor | Malware.Generic-HTML.Save.ma33 |
| Cyren | URL/Phish.KC.gen!Eldorado |
| Symantec | Trojan.Gen.NPE |
| ESET-NOD32 | PDF/Phishing.Agent.NDP |
| Avast | PDF:PhishingX-gen [Phish] |
| Cynet | Malicious (score: 99) |
| BitDefender | Trojan.GenericKD.62693766 |
| ViRobot | PDF.Z.Agent.406642.A |
| Tencent | Pdf.Trojan.Malicious.Etgl |
| Ad-Aware | Trojan.GenericKD.62693766 |
| VIPRE | Trojan.GenericKD.62693766 |
| McAfee-GW-Edition | BehavesLike.PDF.Suspicious.fb |
| SentinelOne | Static AI - Malicious PDF |
| Avira | HTML/Malicious.PDF.Gen2 |
| MAX | malware (ai score=80) |
| Antiy-AVL | Trojan/Generic.ASMalwRG.163 |
| Arcabit | Trojan.Generic.D3BCA186 |
| GData | PDF.Trojan-Stealer.Phishing.E |
| Detected | |
| AhnLab-V3 | Phishing/PDF.Malurl.gn.XG11 |
| McAfee | PDF/Phish-FAK!3FE2C8D84C83 |
| Ikarus | Trojan.PDF.Phishing |
| Fortinet | PDF/Phishing.A!tr |
| AVG | PDF:PhishingX-gen [Phish] |