3959fe5de4dde7c95270ee277fc79b1119d5d0397df32fd5629406fd00a4afc6

Submit
Reports

Overview

overview

Static

static

Payload/Ca...ts.pdf

windows7-x64

Payload/Ca...ts.pdf

windows10-2004-x64

Payload/Ca...ts.pdf

windows7-x64

Payload/Ca...ts.pdf

windows10-2004-x64

Payload/Ca...ts.pdf

windows7-x64

Payload/Ca...ts.pdf

windows10-2004-x64

Payload/Ca...ts.pdf

windows7-x64

Payload/Ca...ts.pdf

windows10-2004-x64

Payload/Ca...ts.pdf

windows7-x64

Payload/Ca...ts.pdf

windows10-2004-x64

Payload/Ca...ts.pdf

windows7-x64

Payload/Ca...ts.pdf

windows10-2004-x64

Payload/Ca...ts.pdf

windows7-x64

Payload/Ca...ts.pdf

windows10-2004-x64

Payload/Ca...ts.pdf

windows7-x64

Payload/Ca...ts.pdf

windows10-2004-x64

Payload/Ca...ts.pdf

windows7-x64

Payload/Ca...ts.pdf

windows10-2004-x64

Payload/Ca...ts.pdf

windows7-x64

Payload/Ca...ts.pdf

windows10-2004-x64

Payload/Ca...ts.pdf

windows7-x64

Payload/Ca...ts.pdf

windows10-2004-x64

Payload/Ca...ts.pdf

windows7-x64

Payload/Ca...ts.pdf

windows10-2004-x64

Payload/Cash.app/Cash

macos-10.15-amd64

Payload/Ca...ts.pdf

windows7-x64

Payload/Ca...ts.pdf

windows10-2004-x64

Payload/Ca...ts.pdf

windows7-x64

Payload/Ca...ts.pdf

windows10-2004-x64

Payload/Ca...ts.pdf

windows7-x64

Payload/Ca...ts.pdf

windows10-2004-x64

Payload/Ca...ts.pdf

windows7-x64

Analysis

max time kernel
121s
max time network
133s
platform
windows7_x64
resource
win7-20240215-en
resource tags

arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
submitted
05/03/2024, 12:36

Sharing

Copy URL

Twitter E-mail

Static task

static1

pdf evasion

1 signatures

Behavioral task

behavioral1

Sample

Payload/Cash.app/ActivityHomeResources.bundle/Assets.pdf

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

Payload/Cash.app/ActivityHomeResources.bundle/Assets.pdf

Resource

win10v2004-20240226-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral3

Sample

Payload/Cash.app/AdyenCard.bundle/Assets.pdf

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral4

Sample

Payload/Cash.app/AdyenCard.bundle/Assets.pdf

Resource

win10v2004-20240226-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral5

Sample

Payload/Cash.app/AfterPayAccountManagementUIResources.bundle/Assets.pdf

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral6

Sample

Payload/Cash.app/AfterPayAccountManagementUIResources.bundle/Assets.pdf

Resource

win10v2004-20240226-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral7

Sample

Payload/Cash.app/AmountEntryResources.bundle/Assets.pdf

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral8

Sample

Payload/Cash.app/AmountEntryResources.bundle/Assets.pdf

Resource

win10v2004-20240226-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral9

Sample

Payload/Cash.app/AppMessageUIResources.bundle/Assets.pdf

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral10

Sample

Payload/Cash.app/AppMessageUIResources.bundle/Assets.pdf

Resource

win10v2004-20240226-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral11

Sample

Payload/Cash.app/AppPodResources.bundle/Assets.pdf

Resource

win7-20240220-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral12

Sample

Payload/Cash.app/AppPodResources.bundle/Assets.pdf

Resource

win10v2004-20240226-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral13

Sample

Payload/Cash.app/ApplePayUIResources.bundle/Assets.pdf

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral14

Sample

Payload/Cash.app/ApplePayUIResources.bundle/Assets.pdf

Resource

win10v2004-20240226-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral15

Sample

Payload/Cash.app/BankingResources.bundle/Assets.pdf

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral16

Sample

Payload/Cash.app/BankingResources.bundle/Assets.pdf

Resource

win10v2004-20240226-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral17

Sample

Payload/Cash.app/BasicViewControllersResources.bundle/Assets.pdf

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral18

Sample

Payload/Cash.app/BasicViewControllersResources.bundle/Assets.pdf

Resource

win10v2004-20240226-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral19

Sample

Payload/Cash.app/BoostUIResources.bundle/Assets.pdf

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral20

Sample

Payload/Cash.app/BoostUIResources.bundle/Assets.pdf

Resource

win10v2004-20240226-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral21

Sample

Payload/Cash.app/CardSchemeResources.bundle/Assets.pdf

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral22

Sample

Payload/Cash.app/CardSchemeResources.bundle/Assets.pdf

Resource

win10v2004-20240226-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral23

Sample

Payload/Cash.app/CardStudioResources.bundle/Assets.pdf

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral24

Sample

Payload/Cash.app/CardStudioResources.bundle/Assets.pdf

Resource

win10v2004-20240226-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral25

Sample

Payload/Cash.app/Cash

Resource

macos-20240214-en

macos-10.15-amd64

0 signatures

150 seconds

Behavioral task

behavioral26

Sample

Payload/Cash.app/ContactsPermissionUIResources.bundle/Assets.pdf

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral27

Sample

Payload/Cash.app/ContactsPermissionUIResources.bundle/Assets.pdf

Resource

win10v2004-20240226-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral28

Sample

Payload/Cash.app/CryptoUIResources.bundle/Assets.pdf

Resource

win7-20240215-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral29

Sample

Payload/Cash.app/CryptoUIResources.bundle/Assets.pdf

Resource

win10v2004-20240226-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral30

Sample

Payload/Cash.app/CustomerProfileResources.bundle/Assets.pdf

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral31

Sample

Payload/Cash.app/CustomerProfileResources.bundle/Assets.pdf

Resource

win10v2004-20240226-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral32

Sample

Payload/Cash.app/DeviceManagerResources.bundle/Assets.pdf

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Report Analysis Logs

General

Target

Payload/Cash.app/CryptoUIResources.bundle/Assets.pdf
Size

251KB
MD5

9dca456583f81f85e81165065630db5b
SHA1

aaee188af57ef30df3e0610218aaaf11c211ed97
SHA256

0f4b38464445339f14d0c498973352fe81723e49fba38c5e1ce9c9b7c21ba364
SHA512

6c7789792d1e0c0888c611e49087c48fae3b6771ca0aec1f0410085e5b0cc0fc229117036a81ae18c1fa40b284213589ae194152944461a5bb17c11debc2cf5a
SSDEEP

6144:UUuC1fxqQUod7Nh8o5sseFLk6GGtAjdy7:qaTN65kRrBq

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
1736	AcroRd32.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
1736	AcroRd32.exe
1736	AcroRd32.exe

Processes

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Payload\Cash.app\CryptoUIResources.bundle\Assets.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1736

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

Filesize
3KB

MD5
a565b14b597bf4b207bdf500569a1d12

SHA1
bdf6576eb7bf5c93389c5210f7b158045e76a59c

SHA256
23020004b261e9c0f8d73a8ae135386b150be766abe208762aad036519c6b5cd

SHA512
2b0a2235d2ba31fcdebeebaf31e510c925e97aed1ed469af680936c142a042b865436df26df7633e189b79ab62fcb1059a602faaae4b7ba7559ea4aab2eaf58b

Download Submit