Resubmissions

19-07-2024 13:39

240719-qx588sxcnf 10

07-06-2024 19:08

240607-xs7d3acc41 10

Analysis

  • max time kernel
    121s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    07-06-2024 19:08

General

  • Target

    Unlimited Stealth PayPal Acts and how to Cash them out.pdf

  • Size

    51KB

  • MD5

    8cbcfd4f65421379598628918a5c6048

  • SHA1

    cff70e9a589452810b997081c7dede8c30163e40

  • SHA256

    29426b26f770333e3ce92e61ba0e6c6508679655a023ec64185c32e5ec534821

  • SHA512

    accb1ac7e99c3b65d7d72ec5365271ff01fb04ef02b07806a1da1f52371c141bd46cdaae3920ff01940656fd8d94b0bc1511b976a7059d5f4c43cc1934b931ce

  • SSDEEP

    768:uN2QunEdL3/uh54q+gideO6Jd4irWtuZbMLCpMfEnOZz2BhGSc0rfpR5j9BktMwc:utL3Ghn40BWMZ41s/hjc0r1xBktMwuSu

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Unlimited Stealth PayPal Acts and how to Cash them out.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2224

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    71f706ef1e5271a03dcca7749210506a

    SHA1

    cdab7bd73f8cd0d5995b2bab1f235b9d32d86571

    SHA256

    827455c72c44e71a23cc624efd75c5a5a48c92cc8ba83e02b2e37f811406518a

    SHA512

    f28f27cfc7235b50ac6b00acff94f752c1218f193afa7c8c58e0076c5bea31c6e093194efc36dba4e8b52e5ddf19dda444b3cef1ffd7cb70c0abd40a0341da03