Analysis
-
max time kernel
4294210s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20220223-en -
submitted
04-03-2022 05:31
Behavioral task
behavioral1
Sample
[CV-3] JNT Connect_EN-KO-EN_Engineering.pdf
Resource
win7-20220223-en
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
[CV-3] JNT Connect_EN-KO-EN_Engineering.pdf
Resource
win10v2004-en-20220113
0 signatures
0 seconds
General
-
Target
[CV-3] JNT Connect_EN-KO-EN_Engineering.pdf
-
Size
346KB
-
MD5
17a31fd297b5fe2e4e2a2e14a5993771
-
SHA1
7e8248829f584747c8a50783394bfcff7aff0dcc
-
SHA256
ca9f19258a12aadce2ad27cab501da3ce58492e9b6e6d6df9197b64e158f4e22
-
SHA512
8887ed9d3ff84237a0de2e7386d3d734118f13d2a8480af3d1eae58cbda96fc24a973c8325d50f751135eb14f8357eb674cee5e9fe6024da90323ecaa7149909
Score
1/10
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
Processes:
AcroRd32.exepid process 1152 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 4 IoCs
Processes:
AcroRd32.exepid process 1152 AcroRd32.exe 1152 AcroRd32.exe 1152 AcroRd32.exe 1152 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\[CV-3] JNT Connect_EN-KO-EN_Engineering.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1152-54-0x0000000075BD1000-0x0000000075BD3000-memory.dmpFilesize
8KB