Overview

overview

10

Static

static

10

OSbot judi...ve.pdf

windows7-x64

1

OSbot judi...ve.pdf

windows10-2004-x64

1

OSbot judi...rd.pdf

windows7-x64

1

OSbot judi...rd.pdf

windows10-2004-x64

1

OSbot judi...nd.pdf

windows7-x64

1

OSbot judi...nd.pdf

windows10-2004-x64

1

OSbot judi...lp.pdf

windows7-x64

1

OSbot judi...lp.pdf

windows10-2004-x64

1

OSbot judi...me.pdf

windows7-x64

1

OSbot judi...me.pdf

windows10-2004-x64

1

OSbot judi...ib.pdf

windows7-x64

1

OSbot judi...ib.pdf

windows10-2004-x64

1

OSbot judi...ve.pdf

windows7-x64

1

OSbot judi...ve.pdf

windows10-2004-x64

1

OSbot judi...ns.pdf

windows7-x64

1

OSbot judi...ns.pdf

windows10-2004-x64

1

OSbot judi...ts.pdf

windows7-x64

1

OSbot judi...ts.pdf

windows10-2004-x64

1

OSbot judi...ct.pdf

windows7-x64

1

OSbot judi...ct.pdf

windows10-2004-x64

1

OSbot judi...t__.py

windows7-x64

3

OSbot judi...t__.py

windows10-2004-x64

3

OSbot judi...10.pyc

windows7-x64

3

OSbot judi...10.pyc

windows10-2004-x64

3

OSbot judi...10.pyc

windows7-x64

3

OSbot judi...10.pyc

windows10-2004-x64

3

OSbot judi...10.pyc

windows7-x64

3

OSbot judi...10.pyc

windows10-2004-x64

3

OSbot judi...bot.py

windows7-x64

3

OSbot judi...bot.py

windows10-2004-x64

3

OSbot judi...t__.py

windows7-x64

3

OSbot judi...t__.py

windows10-2004-x64

3

Resubmissions

03/05/2024, 18:40

240503-xa7xwagb26 10

03/05/2024, 18:19

240503-wynngach5t 10

03/05/2024, 15:38

240503-s26fxaad2t 10

Analysis

  • max time kernel
    120s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    03/05/2024, 18:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    OSbot judicable/_internal/matplotlib/mpl-data/images/hand.pdf

  • Size

    4KB

  • MD5

    b3b3fa6ded8eb65c3558cb62dee66094

  • SHA1

    e47c3b24f90332d1291b8fa9787c76f433cd6cd3

  • SHA256

    86ca7090d63dd7928f0fb00c5a7550b3b2c53ceb65723d155222eeefa74c69b4

  • SHA512

    0ec03b7dc38458611143b161cb5527fe171a7b682da6612e74aaa7be3e5dc74eb61763b19f2d312ae20f887cff05ecef52ebb34cc70c2dd92ada549525f7f978

  • SSDEEP

    96:cWOoFQJL+JxMXH+8qBsJSBVcSp6+XWcb2Dn591q:cLoMk98nSXZ4+TmnM

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\OSbot judicable\_internal\matplotlib\mpl-data\images\hand.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1648

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    32175bb9cf70df513c14981306f38310

    SHA1

    af9dfe89737dfc8b567419a0f39fcedda64a1e8b

    SHA256

    576d2653e9ab766e1bed5f31f917b600508da2497be1187be33e726392420626

    SHA512

    83b842f61383692d145afeb20b4297bd2119faaacb00dd337217c44dd670163f8a989d39c533a19699c1ebb585df48048b02bfbc5c558397d42e1f8fce3d8f6a

    Download Submit