Overview

overview

10

Static

static

4

HowToBeatP...ci.pdf

windows7-x64

1

HowToBeatP...ci.pdf

windows10-2004-x64

1

NEW PAYPAL...14.pdf

windows7-x64

1

NEW PAYPAL...14.pdf

windows10-2004-x64

1

PolishPaypal.pdf

windows7-x64

1

PolishPaypal.pdf

windows10-2004-x64

1

Profiting ...i.html

windows7-x64

1

Profiting ...i.html

windows10-2004-x64

1

ScrewPaypal.pdf

windows7-x64

1

ScrewPaypal.pdf

windows10-2004-x64

1

StealthPaypal.pdf

windows7-x64

1

StealthPaypal.pdf

windows10-2004-x64

1

The Ultima...de.pdf

windows7-x64

1

The Ultima...de.pdf

windows10-2004-x64

1

Unlimited ...ut.pdf

windows7-x64

1

Unlimited ...ut.pdf

windows10-2004-x64

1

Yasuo.Payp....5.lnk

windows7-x64

10

Yasuo.Payp....5.lnk

windows10-2004-x64

10

files/Yasu....5.exe

windows7-x64

10

files/Yasu....5.exe

windows10-2004-x64

10

paypal stealth.pdf

windows7-x64

1

paypal stealth.pdf

windows10-2004-x64

1

Resubmissions

19-07-2024 13:39

240719-qx588sxcnf 10

07-06-2024 19:08

240607-xs7d3acc41 10

Analysis

  • max time kernel
    118s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    07-06-2024 19:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    paypal stealth.pdf

  • Size

    373KB

  • MD5

    61406112e7319aa050b000ea0c51bdbe

  • SHA1

    01719f71f167d7eca75608d2b334d5f581646af0

  • SHA256

    eeeeb3386414e348a81ad42eb2dcacbe9a2789a25ccc1d6aacd3c6dc0b8ff50f

  • SHA512

    c62e640f0c49afb06d6ac799280bfa5661477b80c502f71dbb7841f517afb565c5c5c1ccfac6c12d33d3dbb0eb41d25de7618397ec3f78cca0ca5f42577fccb0

  • SSDEEP

    6144:ges5xtRuyQ55VY2hpW02Yo38ZoFkLAUL3wfsvF3lpgHs6Tzwk/gYfkh:4tRuTS02D3IM2wcF3lz63wqgYfw

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\paypal stealth.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2340

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    6c10d2bcc1fa9b6a47a93c2068eb3f65

    SHA1

    65553514d6887dda2d772a2ee340307ae55b541c

    SHA256

    46913120c3e21b4b201996e51941bf20a774e3ba76c20a209f63990b2f745303

    SHA512

    3cd74abb0430537e885d304b3f297ef436e07337c222e5bbff51f7d4bb1c860bb703fbfa8211574a01eaee246ccb7a2490fc1ccd49b4d8e6b22022158658394a

    Download Submit