Overview

overview

3

Static

static

3

jena_26390...12.pdf

windows7_x64

1

jena_26390...12.pdf

windows10_x64

1

Resubmissions

21-02-2022 09:29

220221-lgbbpsaack 3

21-02-2022 09:21

220221-lbsc2agge6 3

Analysis

  • max time kernel
    169s
  • max time network
    157s
  • platform
    windows10_x64
  • resource
    win10-en-20211208
  • submitted
    21-02-2022 09:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    jena_263905_prep_20220208101946812.pdf

  • Size

    13.6MB

  • MD5

    169a041e1604adfed0d5970f71bf0405

  • SHA1

    c1df58d894e30800a930bd60a6ea07def2419fa2

  • SHA256

    9ef15870104a32b1db6b60b11ddf62dbd87f0c5e84d7f382ea56b651d560b150

  • SHA512

    e1c62890a28b27f0f7e386170899c8cffa8e53addd7ee3bd5d6f07a22b1e817230eeeda08b151d61011005d7a37ba26cbc49eb3c8ec0acd238f92489eb5aff5f

Score
1/10

Malware Config

Signatures

  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\jena_263905_prep_20220208101946812.pdf"
    1⤵
    • Checks processor information in registry
    • Suspicious use of SetWindowsHookEx
    PID:1428

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads