460550950795698b91eca429b99fe023999af2edf205d67d6462c190e1f4e6ca

Submit
Reports

Overview

overview

Static

static

OSbot judi...ve.pdf

windows7-x64

OSbot judi...ve.pdf

windows10-2004-x64

OSbot judi...rd.pdf

windows7-x64

OSbot judi...rd.pdf

windows10-2004-x64

OSbot judi...nd.pdf

windows7-x64

OSbot judi...nd.pdf

windows10-2004-x64

OSbot judi...lp.pdf

windows7-x64

OSbot judi...lp.pdf

windows10-2004-x64

OSbot judi...me.pdf

windows7-x64

OSbot judi...me.pdf

windows10-2004-x64

OSbot judi...ib.pdf

windows7-x64

OSbot judi...ib.pdf

windows10-2004-x64

OSbot judi...ve.pdf

windows7-x64

OSbot judi...ve.pdf

windows10-2004-x64

OSbot judi...ns.pdf

windows7-x64

OSbot judi...ns.pdf

windows10-2004-x64

OSbot judi...ts.pdf

windows7-x64

OSbot judi...ts.pdf

windows10-2004-x64

OSbot judi...ct.pdf

windows7-x64

OSbot judi...ct.pdf

windows10-2004-x64

OSbot judi...t__.py

windows7-x64

OSbot judi...t__.py

windows10-2004-x64

OSbot judi...10.pyc

windows7-x64

OSbot judi...10.pyc

windows10-2004-x64

OSbot judi...10.pyc

windows7-x64

OSbot judi...10.pyc

windows10-2004-x64

OSbot judi...10.pyc

windows7-x64

OSbot judi...10.pyc

windows10-2004-x64

OSbot judi...bot.py

windows7-x64

OSbot judi...bot.py

windows10-2004-x64

OSbot judi...t__.py

windows7-x64

OSbot judi...t__.py

windows10-2004-x64

Resubmissions

03/05/2024, 18:40

240503-xa7xwagb26 10

03/05/2024, 18:19

240503-wynngach5t 10

03/05/2024, 15:38

240503-s26fxaad2t 10

Analysis

max time kernel
55s
max time network
17s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
03/05/2024, 18:19

Sharing

Copy URL

Twitter E-mail

Static task

static1

pyinstaller privateloader

3 signatures

Behavioral task

behavioral1

Sample

OSbot judicable/_internal/matplotlib/mpl-data/images/filesave.pdf

Resource

win7-20240215-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

OSbot judicable/_internal/matplotlib/mpl-data/images/filesave.pdf

Resource

win10v2004-20240419-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral3

Sample

OSbot judicable/_internal/matplotlib/mpl-data/images/forward.pdf

Resource

win7-20240220-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral4

Sample

OSbot judicable/_internal/matplotlib/mpl-data/images/forward.pdf

Resource

win10v2004-20240419-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral5

Sample

OSbot judicable/_internal/matplotlib/mpl-data/images/hand.pdf

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral6

Sample

OSbot judicable/_internal/matplotlib/mpl-data/images/hand.pdf

Resource

win10v2004-20240226-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral7

Sample

OSbot judicable/_internal/matplotlib/mpl-data/images/help.pdf

Resource

win7-20240215-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral8

Sample

OSbot judicable/_internal/matplotlib/mpl-data/images/help.pdf

Resource

win10v2004-20240419-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral9

Sample

OSbot judicable/_internal/matplotlib/mpl-data/images/home.pdf

Resource

win7-20240221-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral10

Sample

OSbot judicable/_internal/matplotlib/mpl-data/images/home.pdf

Resource

win10v2004-20240419-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral11

Sample

OSbot judicable/_internal/matplotlib/mpl-data/images/matplotlib.pdf

Resource

win7-20240221-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral12

Sample

OSbot judicable/_internal/matplotlib/mpl-data/images/matplotlib.pdf

Resource

win10v2004-20240426-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral13

Sample

OSbot judicable/_internal/matplotlib/mpl-data/images/move.pdf

Resource

win7-20231129-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral14

Sample

OSbot judicable/_internal/matplotlib/mpl-data/images/move.pdf

Resource

win10v2004-20240419-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral15

Sample

OSbot judicable/_internal/matplotlib/mpl-data/images/qt4_editor_options.pdf

Resource

win7-20240221-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral16

Sample

OSbot judicable/_internal/matplotlib/mpl-data/images/qt4_editor_options.pdf

Resource

win10v2004-20240419-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral17

Sample

OSbot judicable/_internal/matplotlib/mpl-data/images/subplots.pdf

Resource

win7-20240221-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral18

Sample

OSbot judicable/_internal/matplotlib/mpl-data/images/subplots.pdf

Resource

win10v2004-20240419-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral19

Sample

OSbot judicable/_internal/matplotlib/mpl-data/images/zoom_to_rect.pdf

Resource

win7-20240221-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral20

Sample

OSbot judicable/_internal/matplotlib/mpl-data/images/zoom_to_rect.pdf

Resource

win10v2004-20240419-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral21

Sample

OSbot judicable/_internal/model/__init__.py

Resource

win7-20240221-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral22

Sample

OSbot judicable/_internal/model/__init__.py

Resource

win10v2004-20240226-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral23

Sample

OSbot judicable/_internal/model/__pycache__/__init__.cpython-310.pyc

Resource

win7-20231129-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral24

Sample

OSbot judicable/_internal/model/__pycache__/__init__.cpython-310.pyc

Resource

win10v2004-20240426-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral25

Sample

OSbot judicable/_internal/model/__pycache__/bot.cpython-310.pyc

Resource

win7-20240215-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral26

Sample

OSbot judicable/_internal/model/__pycache__/bot.cpython-310.pyc

Resource

win10v2004-20240419-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral27

Sample

OSbot judicable/_internal/model/__pycache__/runelite_bot.cpython-310.pyc

Resource

win7-20240221-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral28

Sample

OSbot judicable/_internal/model/__pycache__/runelite_bot.cpython-310.pyc

Resource

win10v2004-20240419-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral29

Sample

OSbot judicable/_internal/model/bot.py

Resource

win7-20240221-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral30

Sample

OSbot judicable/_internal/model/bot.py

Resource

win10v2004-20240419-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral31

Sample

OSbot judicable/_internal/model/near_reality/__init__.py

Resource

win7-20231129-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral32

Sample

OSbot judicable/_internal/model/near_reality/__init__.py

Resource

win10v2004-20240419-en

windows10-2004-x64

3 signatures

150 seconds

Report Analysis Logs

General

Target

OSbot judicable/_internal/matplotlib/mpl-data/images/zoom_to_rect.pdf
Size

1KB
MD5

b102af55aa5eb1332f30256f5cb0a252
SHA1

b8f4f237ebb51960de59ad5471ccb9286ef4fa89
SHA256

484bcf736e207d946997e747bfb9f1f0a9313f253ae8aab8ce0413bc6166f4a0
SHA512

e13bcbbb24e4e84ead717efdd9d8540fd5c922959d28f25769d3aa9a858744720e3c86165b9e47e2917bcc5f41d3f03d80f7ee6f78bc0765706f4b547ce65e05

Score

1^/10

Malware Config

Signatures

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
2232	AcroRd32.exe
2232	AcroRd32.exe
2232	AcroRd32.exe

Processes

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\OSbot judicable\_internal\matplotlib\mpl-data\images\zoom_to_rect.pdf"
1⤵
- Suspicious use of SetWindowsHookEx
PID:2232

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

Filesize
3KB

MD5
8c8ad4a148e1066c5b20c8fe25cce61e

SHA1
9b740495b6bdcad2bfeaeb9ac0b82af4f66e5677

SHA256
73761ef920e1036ca635f789b945578ffb0039af9c2ce9e278b884ba85f39fed

SHA512
b9eff83f2e544acc3f93f5f01a033cd1204709d94664ddcd6e2eb7f40122bf7211cbf02d4028f431cbd39eca4c05ec9975246cea67249e511ce10db5ce90c961

Download Submit