Analysis

  • max time kernel
    122s
  • max time network
    135s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    05/03/2024, 12:36

General

  • Target

    Payload/Cash.app/AppPodResources.bundle/Assets.pdf

  • Size

    71KB

  • MD5

    e8a307721a48f14bc4487a202b8da7c3

  • SHA1

    1491e835d588cd326daaa4448ae069540322d40f

  • SHA256

    9518e9e72bd93e380cc25007285ac81786126b03cd01a507b131a09b06d559dc

  • SHA512

    672777300d21ead4c48b658256e3b2e8d5c71b053bc8d85528ffa0d833b710af17998cb96d33a8cb34f6526e3ee6de25d200c37f7e2ca71b98e0d280e3e708be

  • SSDEEP

    768:FIxh1K9o2XKEX80U5IWleCcA3XYvc7VizUjtL/:FEq9o2XKaU64elAnx7ViYJL

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Payload\Cash.app\AppPodResources.bundle\Assets.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1536

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    2507cb0aee58dcec03079c16d01d61d0

    SHA1

    0c4d2d468d83c0aa1ea25533e58d91d5ecdd6f0b

    SHA256

    c9fe7ce0badf1cfce3eea73658ae08cbb300bb56b837e0da696152c2e946e3e0

    SHA512

    c1de2e6ea3282d1aa3414e07e409aae444f5b289cb25c522e6c65aaa65c971b23ec904a00bcf6b68af25305911b0f487730ce8e230d314eb09d1d99c0b341904