Overview

overview

10

Static

static

10

OSbot judi...ve.pdf

windows7-x64

1

OSbot judi...ve.pdf

windows10-2004-x64

1

OSbot judi...rd.pdf

windows7-x64

1

OSbot judi...rd.pdf

windows10-2004-x64

1

OSbot judi...nd.pdf

windows7-x64

1

OSbot judi...nd.pdf

windows10-2004-x64

1

OSbot judi...lp.pdf

windows7-x64

1

OSbot judi...lp.pdf

windows10-2004-x64

1

OSbot judi...me.pdf

windows7-x64

1

OSbot judi...me.pdf

windows10-2004-x64

1

OSbot judi...ib.pdf

windows7-x64

1

OSbot judi...ib.pdf

windows10-2004-x64

1

OSbot judi...ve.pdf

windows7-x64

1

OSbot judi...ve.pdf

windows10-2004-x64

1

OSbot judi...ns.pdf

windows7-x64

1

OSbot judi...ns.pdf

windows10-2004-x64

1

OSbot judi...ts.pdf

windows7-x64

1

OSbot judi...ts.pdf

windows10-2004-x64

1

OSbot judi...ct.pdf

windows7-x64

1

OSbot judi...ct.pdf

windows10-2004-x64

1

OSbot judi...t__.py

windows7-x64

3

OSbot judi...t__.py

windows10-2004-x64

3

OSbot judi...10.pyc

windows7-x64

3

OSbot judi...10.pyc

windows10-2004-x64

3

OSbot judi...10.pyc

windows7-x64

3

OSbot judi...10.pyc

windows10-2004-x64

3

OSbot judi...10.pyc

windows7-x64

3

OSbot judi...10.pyc

windows10-2004-x64

3

OSbot judi...bot.py

windows7-x64

3

OSbot judi...bot.py

windows10-2004-x64

3

OSbot judi...t__.py

windows7-x64

3

OSbot judi...t__.py

windows10-2004-x64

3

Resubmissions

03/05/2024, 18:40

240503-xa7xwagb26 10

03/05/2024, 18:19

240503-wynngach5t 10

03/05/2024, 15:38

240503-s26fxaad2t 10

Analysis

  • max time kernel
    11s
  • max time network
    17s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    03/05/2024, 18:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    OSbot judicable/_internal/matplotlib/mpl-data/images/matplotlib.pdf

  • Size

    22KB

  • MD5

    63f149d8f57189e118a696e1444dfd00

  • SHA1

    885ab49df21cf2b43678fb92a2bf2fb0202dd3ac

  • SHA256

    0644947fedb1a228fe7977e9576b7bcb5245286d730f582d57a6808375e2ff01

  • SHA512

    e22018e5bae28d950a7f49c15863911f57188c1948269b4b36da6c2c40234ed0d6bedf84310aa6a86a90f359fba2cbac96807f334d96f92717ef5a2c79082f58

  • SSDEEP

    384:M0Vr5or0YUDUn2lFVWy78OPU246jH1nl50V1TeLooDVPPvCm/tyUpaayzI2v6m:M0J5or0to2lM1OjHmyLoopvCmVXpGI2B

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\OSbot judicable\_internal\matplotlib\mpl-data\images\matplotlib.pdf"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:2388

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    b5ebf843d932a576b147d06554018793

    SHA1

    d7fa5e8adb7be887d9ab2d181dc69316f5f3cb88

    SHA256

    27d05b4e16aedbc29f389665d23d7fc07fac9d34ddcfb415ffd10d2772dc7f3c

    SHA512

    063b75472d23a704b4aa96ff6b223adb2b59771d3c6136cab7a7e3478a0b246c66954c784a0159ad354c821c4637df5149d090cf9ec9e4a4918e30482531b62c

    Download Submit