Overview

overview

6

Static

static

4

RevoUninst...lp.pdf

windows7-x64

1

RevoUninst...lp.pdf

windows10-2004-x64

1

RevoUninst...rt.exe

windows7-x64

4

RevoUninst...rt.exe

windows10-2004-x64

1

RevoUninst...Un.exe

windows7-x64

6

RevoUninst...Un.exe

windows10-2004-x64

6

RevoUninst...Un.exe

windows7-x64

6

RevoUninst...Un.exe

windows10-2004-x64

6

Sharing

Copy URL Twitter E-mail

General

  • Target

    500c0e2400d5968f7c34bde6036d0c9f015625cc04a5202d84fba915a3355a74

  • Size

    6.0MB

  • MD5

    564cd6ea67e7ac6745c76f0537882483

  • SHA1

    e9bb8009ab734c20f70ad2c823143eb372342211

  • SHA256

    500c0e2400d5968f7c34bde6036d0c9f015625cc04a5202d84fba915a3355a74

  • SHA512

    cf33d0e047781d434274688793c566286d846027c22ea0036653dbb56beee4682a3419a1c832c172e2b3952558f93d8d30dba159a3376728eb0eb77e11849c7d

  • SSDEEP

    98304:y0dTjIn1R5ioo48rk4p47HuSOXEMi5be6h4IK1u5dKAb/Us9j9hmbTxB:VRIn1R8IC4nB5bXUvET+P

Score
4/10
pdflink

Malware Config

Signatures

  • HTTP links in PDF interactive object 1 IoCs

    Detects HTTP links in interactive objects within PDF files.

    pdflink
  • One or more HTTP URLs in PDF identified

    Detects presence of HTTP links in PDF files.

    pdflink

Files

  • 500c0e2400d5968f7c34bde6036d0c9f015625cc04a5202d84fba915a3355a74
    .7z
  • RevoUninstaller_Portable_免安裝/LicenseAgreement.txt
  • RevoUninstaller_Portable_免安裝/Revo Uninstaller Help.pdf
    .pdf

    • http://www.revouninstaller.com/

  • RevoUninstaller_Portable_免安裝/RevoUPort.exe
    .exe windows x86

    f1701f0b31fe827683fdfb65eb40b138


    Code Sign

    Headers

    Imports

    Sections

  • RevoUninstaller_Portable_免安裝/ctrlbars.dat
  • RevoUninstaller_Portable_免安裝/lang/Estonian.ini
  • RevoUninstaller_Portable_免安裝/lang/albanian.ini
  • RevoUninstaller_Portable_免安裝/lang/arabic.ini
  • RevoUninstaller_Portable_免安裝/lang/armenian.ini
  • RevoUninstaller_Portable_免安裝/lang/azerbaijani.ini
  • RevoUninstaller_Portable_免安裝/lang/bulgarian.ini
  • RevoUninstaller_Portable_免安裝/lang/czech.ini
  • RevoUninstaller_Portable_免安裝/lang/danish.ini
  • RevoUninstaller_Portable_免安裝/lang/dutch.ini
  • RevoUninstaller_Portable_免安裝/lang/english.ini
  • RevoUninstaller_Portable_免安裝/lang/finnish.ini
  • RevoUninstaller_Portable_免安裝/lang/french.ini
  • RevoUninstaller_Portable_免安裝/lang/german.ini
  • RevoUninstaller_Portable_免安裝/lang/hebrew.ini
  • RevoUninstaller_Portable_免安裝/lang/hellenic.ini
  • RevoUninstaller_Portable_免安裝/lang/hindi.ini
  • RevoUninstaller_Portable_免安裝/lang/hrvatski.ini
  • RevoUninstaller_Portable_免安裝/lang/hungarian.ini
  • RevoUninstaller_Portable_免安裝/lang/indonesian.ini
  • RevoUninstaller_Portable_免安裝/lang/italiano.ini
  • RevoUninstaller_Portable_免安裝/lang/japanese.ini
  • RevoUninstaller_Portable_免安裝/lang/korean.ini
  • RevoUninstaller_Portable_免安裝/lang/kurdish.ini
  • RevoUninstaller_Portable_免安裝/lang/macedonian.ini
  • RevoUninstaller_Portable_免安裝/lang/norwegian.ini
  • RevoUninstaller_Portable_免安裝/lang/persian.ini
  • RevoUninstaller_Portable_免安裝/lang/polish.ini
  • RevoUninstaller_Portable_免安裝/lang/portuguese.ini
  • RevoUninstaller_Portable_免安裝/lang/portuguese_standard.ini
  • RevoUninstaller_Portable_免安裝/lang/portuguesebrazil.ini
  • RevoUninstaller_Portable_免安裝/lang/romanian.ini
  • RevoUninstaller_Portable_免安裝/lang/russian.ini
  • RevoUninstaller_Portable_免安裝/lang/serbian.ini
  • RevoUninstaller_Portable_免安裝/lang/serbianLatin.ini
  • RevoUninstaller_Portable_免安裝/lang/simplifiedchinese.ini
  • RevoUninstaller_Portable_免安裝/lang/slovak.ini
  • RevoUninstaller_Portable_免安裝/lang/slovenian.ini
  • RevoUninstaller_Portable_免安裝/lang/spanish.ini
  • RevoUninstaller_Portable_免安裝/lang/swedish.ini
  • RevoUninstaller_Portable_免安裝/lang/traditionalchinese.ini
  • RevoUninstaller_Portable_免安裝/lang/turkish.ini
  • RevoUninstaller_Portable_免安裝/lang/ukrainian.ini
  • RevoUninstaller_Portable_免安裝/lang/vietnamese.ini
  • RevoUninstaller_Portable_免安裝/settings.ini
  • RevoUninstaller_Portable_免安裝/un_report.dat
  • RevoUninstaller_Portable_免安裝/x64/RevoUn.exe
    .exe windows x64

    1e3d1c6296af1d75e2a1c0db0991b059


    Code Sign

    Headers

    Imports

    Sections

  • RevoUninstaller_Portable_免安裝/x86/RevoUn.exe
    .exe windows x86

    2418ab48eeca358d230c86458ea51fe7


    Code Sign

    Headers

    Imports

    Sections