Analysis
- max time kernel: 169s
- max time network: 157s
- platform: windows10_x64
- resource: win10-en-20211208
- submitted: 21-02-2022 09:21
Behavioral task
behavioral1
Sample
jena_263905_prep_20220208101946812.pdf
Resource
win7-en-20211208
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
jena_263905_prep_20220208101946812.pdf
Resource
win10-en-20211208
0 signatures
0 seconds
General
- Target: jena_263905_prep_20220208101946812.pdf
- Size: 13.6MB
- MD5: 169a041e1604adfed0d5970f71bf0405
- SHA1: c1df58d894e30800a930bd60a6ea07def2419fa2
- SHA256: 9ef15870104a32b1db6b60b11ddf62dbd87f0c5e84d7f382ea56b651d560b150
- SHA512: e1c62890a28b27f0f7e386170899c8cffa8e53addd7ee3bd5d6f07a22b1e817230eeeda08b151d61011005d7a37ba26cbc49eb3c8ec0acd238f92489eb5aff5f
Score
1/10
Malware Config
Signatures
- Checks processor information in registry (2 TTPs, 2 IoCs)
  Processor information is often read in order to detect sandboxing environments.
  Processes: AcroRd32.exe
  description | ioc | process
  Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | AcroRd32.exe
  Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | AcroRd32.exe
- Suspicious use of SetWindowsHookEx (4 IoCs)
  Processes: AcroRd32.exe
  pid | process
  1428 | AcroRd32.exe
  1428 | AcroRd32.exe
  1428 | AcroRd32.exe
  1428 | AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
  "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\jena_263905_prep_20220208101946812.pdf"
  - Checks processor information in registry
  - Suspicious use of SetWindowsHookEx