460550950795698b91eca429b99fe023999af2edf205d67d6462c190e1f4e6ca

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

OSbot judi...ve.pdf

windows7-x64

OSbot judi...ve.pdf

windows10-2004-x64

OSbot judi...rd.pdf

windows7-x64

OSbot judi...rd.pdf

windows10-2004-x64

OSbot judi...nd.pdf

windows7-x64

OSbot judi...nd.pdf

windows10-2004-x64

OSbot judi...lp.pdf

windows7-x64

OSbot judi...lp.pdf

windows10-2004-x64

OSbot judi...me.pdf

windows7-x64

OSbot judi...me.pdf

windows10-2004-x64

OSbot judi...ib.pdf

windows7-x64

OSbot judi...ib.pdf

windows10-2004-x64

OSbot judi...ve.pdf

windows7-x64

OSbot judi...ve.pdf

windows10-2004-x64

OSbot judi...ns.pdf

windows7-x64

OSbot judi...ns.pdf

windows10-2004-x64

OSbot judi...ts.pdf

windows7-x64

OSbot judi...ts.pdf

windows10-2004-x64

OSbot judi...ct.pdf

windows7-x64

OSbot judi...ct.pdf

windows10-2004-x64

OSbot judi...t__.py

windows7-x64

OSbot judi...t__.py

windows10-2004-x64

OSbot judi...10.pyc

windows7-x64

OSbot judi...10.pyc

windows10-2004-x64

OSbot judi...10.pyc

windows7-x64

OSbot judi...10.pyc

windows10-2004-x64

OSbot judi...10.pyc

windows7-x64

OSbot judi...10.pyc

windows10-2004-x64

OSbot judi...bot.py

windows7-x64

OSbot judi...bot.py

windows10-2004-x64

OSbot judi...t__.py

windows7-x64

OSbot judi...t__.py

windows10-2004-x64

Resubmissions

03/05/2024, 18:40

240503-xa7xwagb26 10

03/05/2024, 18:19

240503-wynngach5t 10

03/05/2024, 15:38

240503-s26fxaad2t 10

Analysis

max time kernel
119s
max time network
126s
platform
windows7_x64
resource
win7-20240215-en
resource tags

arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
submitted
03/05/2024, 18:19

Sharing

Copy URL

Twitter E-mail

Static task

static1

pyinstaller privateloader

3 signatures

Behavioral task

behavioral1

Sample

OSbot judicable/_internal/matplotlib/mpl-data/images/filesave.pdf

Resource

win7-20240215-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

OSbot judicable/_internal/matplotlib/mpl-data/images/filesave.pdf

Resource

win10v2004-20240419-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral3

Sample

OSbot judicable/_internal/matplotlib/mpl-data/images/forward.pdf

Resource

win7-20240220-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral4

Sample

OSbot judicable/_internal/matplotlib/mpl-data/images/forward.pdf

Resource

win10v2004-20240419-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral5

Sample

OSbot judicable/_internal/matplotlib/mpl-data/images/hand.pdf

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral6

Sample

OSbot judicable/_internal/matplotlib/mpl-data/images/hand.pdf

Resource

win10v2004-20240226-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral7

Sample

OSbot judicable/_internal/matplotlib/mpl-data/images/help.pdf

Resource

win7-20240215-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral8

Sample

OSbot judicable/_internal/matplotlib/mpl-data/images/help.pdf

Resource

win10v2004-20240419-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral9

Sample

OSbot judicable/_internal/matplotlib/mpl-data/images/home.pdf

Resource

win7-20240221-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral10

Sample

OSbot judicable/_internal/matplotlib/mpl-data/images/home.pdf

Resource

win10v2004-20240419-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral11

Sample

OSbot judicable/_internal/matplotlib/mpl-data/images/matplotlib.pdf

Resource

win7-20240221-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral12

Sample

OSbot judicable/_internal/matplotlib/mpl-data/images/matplotlib.pdf

Resource

win10v2004-20240426-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral13

Sample

OSbot judicable/_internal/matplotlib/mpl-data/images/move.pdf

Resource

win7-20231129-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral14

Sample

OSbot judicable/_internal/matplotlib/mpl-data/images/move.pdf

Resource

win10v2004-20240419-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral15

Sample

OSbot judicable/_internal/matplotlib/mpl-data/images/qt4_editor_options.pdf

Resource

win7-20240221-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral16

Sample

OSbot judicable/_internal/matplotlib/mpl-data/images/qt4_editor_options.pdf

Resource

win10v2004-20240419-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral17

Sample

OSbot judicable/_internal/matplotlib/mpl-data/images/subplots.pdf

Resource

win7-20240221-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral18

Sample

OSbot judicable/_internal/matplotlib/mpl-data/images/subplots.pdf

Resource

win10v2004-20240419-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral19

Sample

OSbot judicable/_internal/matplotlib/mpl-data/images/zoom_to_rect.pdf

Resource

win7-20240221-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral20

Sample

OSbot judicable/_internal/matplotlib/mpl-data/images/zoom_to_rect.pdf

Resource

win10v2004-20240419-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral21

Sample

OSbot judicable/_internal/model/__init__.py

Resource

win7-20240221-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral22

Sample

OSbot judicable/_internal/model/__init__.py

Resource

win10v2004-20240226-en

windows10-2004-x64

5 signatures

150 seconds

Behavioral task

behavioral23

Sample

OSbot judicable/_internal/model/__pycache__/__init__.cpython-310.pyc

Resource

win7-20231129-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral24

Sample

OSbot judicable/_internal/model/__pycache__/__init__.cpython-310.pyc

Resource

win10v2004-20240426-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral25

Sample

OSbot judicable/_internal/model/__pycache__/bot.cpython-310.pyc

Resource

win7-20240215-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral26

Sample

OSbot judicable/_internal/model/__pycache__/bot.cpython-310.pyc

Resource

win10v2004-20240419-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral27

Sample

OSbot judicable/_internal/model/__pycache__/runelite_bot.cpython-310.pyc

Resource

win7-20240221-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral28

Sample

OSbot judicable/_internal/model/__pycache__/runelite_bot.cpython-310.pyc

Resource

win10v2004-20240419-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral29

Sample

OSbot judicable/_internal/model/bot.py

Resource

win7-20240221-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral30

Sample

OSbot judicable/_internal/model/bot.py

Resource

win10v2004-20240419-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral31

Sample

OSbot judicable/_internal/model/near_reality/__init__.py

Resource

win7-20231129-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral32

Sample

OSbot judicable/_internal/model/near_reality/__init__.py

Resource

win10v2004-20240419-en

windows10-2004-x64

3 signatures

150 seconds

Report Analysis Logs

General

Target

OSbot judicable/_internal/matplotlib/mpl-data/images/help.pdf
Size

1KB
MD5

a0c9d1a063e353351fa07e26f0189ccf
SHA1

e738f15e582f387119767435e5b4a57ba779129b
SHA256

09e13defc20c8b4616ce758a8c84f547c22b3f82a16744bbbac3d4beb79281c0
SHA512

7c4f5967c85d0c075916c20e74baf0e1d3e5583be143b146aaff56c505cf028e160c7e20e2ff9a6ecd095a450ce3de821461207db7221445f9f0d570326b0639

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
1540	AcroRd32.exe

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
1540	AcroRd32.exe
1540	AcroRd32.exe
1540	AcroRd32.exe

Processes

C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\OSbot judicable\_internal\matplotlib\mpl-data\images\help.pdf"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1540

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

Filesize
3KB

MD5
be4cbb69832999156abe153b587b2bbf

SHA1
1d4aa252b75e5ba7142a73b652537754b1700cf0

SHA256
bc98a6f5d2f7b9e24e029983a54d303164af3d707a95ae467b61fb56b03d3602

SHA512
ea2d615f1ad2fd0ee6b5a6a409ee6e2b150d2e0f8aad5e3d81e8b1816edde413f24b1ccc3b215f088fc46613d8ce67228008600568a7df5449db5315cb778acb

Download Submit