Overview

overview

6

Static

static

6

37289d4744...09.zip

windows7-x64

1

37289d4744...09.zip

windows10-2004-x64

1

Payload/pr...ts.pdf

windows7-x64

1

Payload/pr...ts.pdf

windows10-2004-x64

1

Payload/pr...faults

macos-10.15-amd64

1

Payload/pr...orking

macos-10.15-amd64

1

Payload/pr...er_3_0

macos-10.15-amd64

1

Payload/pr...erjack

macos-10.15-amd64

1

Payload/pr...Button

macos-10.15-amd64

1

Payload/pr...matter

macos-10.15-amd64

1

Payload/pr...lytics

macos-10.15-amd64

1

Payload/pr...zation

macos-10.15-amd64

1

Payload/pr...Mantle

macos-10.15-amd64

1

Payload/pr...PURLRQ

macos-10.15-amd64

1

Payload/pr...bility

macos-10.15-amd64

1

Payload/pr...ponent

macos-10.15-amd64

1

Payload/pr...ources

macos-10.15-amd64

1

Payload/pr...ychain

macos-10.15-amd64

1

Payload/pr...roller

macos-10.15-amd64

1

Payload/pr...idecar

macos-10.15-amd64

1

Payload/pr...oiding

macos-10.15-amd64

1

Payload/pr...holder

macos-10.15-amd64

1

Payload/pr...orders

macos-10.15-amd64

1

Payload/pr...xtobjc

macos-10.15-amd64

1

Payload/pr....dylib

macos-10.15-amd64

1

Payload/pr....dylib

macos-10.15-amd64

1

Payload/pr....dylib

macos-10.15-amd64

1

Payload/pr....dylib

macos-10.15-amd64

1

Payload/pr....dylib

macos-10.15-amd64

1

Payload/pr....dylib

macos-10.15-amd64

1

Payload/pr....dylib

macos-10.15-amd64

1

Payload/pr....dylib

macos-10.15-amd64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    37289d4744471ad3cfe6d10a15490309.bin

  • Size

    5.6MB

  • MD5

    37289d4744471ad3cfe6d10a15490309

  • SHA1

    546af23f8049e5df9b9915644442dae055f57418

  • SHA256

    8bd66434916135d0be06efbb0a9b029371781e9acdfc9d7ecb15eda91e2a3911

  • SHA512

    eed87f267e77a05800974a68a2eeb766b7d11a2eacfa7edb9e456bcec4f0699fa0548d3e9f229a790d20f5abd3257822c4c14cba8b786c5e77157f31ea67e291

  • SSDEEP

    98304:vTcCcXUgaSI3eWFcuITP3Vgpiox60Zy2rdbNUYsQyJ8awK/xnqf+09aVymw3qS:vwb3aSkcuM+ioM2ZbNUYwaawKJnF0cVw

Score
6/10
pdfevasion

Malware Config

Signatures

  • Malformed or missing cross-reference table in PDF

    Malformed or missing cross-reference tables are often used to evade detection

    pdfevasion

Files

  • 37289d4744471ad3cfe6d10a15490309.bin
    .zip .ps1

    Password: infected

  • Payload/prod-rogers-advocate-enterprise.app/[email protected]
    .png
  • Payload/prod-rogers-advocate-enterprise.app/AppIcon76x76@2x~ipad.png
    .png
  • Payload/prod-rogers-advocate-enterprise.app/Assets.car
    .pdf
  • Payload/prod-rogers-advocate-enterprise.app/AvenirNext-DemiBold.ttf
  • Payload/prod-rogers-advocate-enterprise.app/AvenirNext-Medium.ttf
  • Payload/prod-rogers-advocate-enterprise.app/AvenirNext-Regular.ttf
  • Payload/prod-rogers-advocate-enterprise.app/Base.lproj/InfoPlist.strings
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/ADVUserDefaults.framework/ADVUserDefaults
    .macho macos
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/ADVUserDefaults.framework/Info.plist
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/ADVUserDefaults.framework/_CodeSignature/CodeResources
    .xml
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/AFNetworking.framework/AFNetworking
    .macho macos
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/AFNetworking.framework/Info.plist
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/AFNetworking.framework/_CodeSignature/CodeResources
    .xml
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/ActionSheetPicker_3_0.framework/ActionSheetPicker_3_0
    .macho macos
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/ActionSheetPicker_3_0.framework/Info.plist
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/ActionSheetPicker_3_0.framework/_CodeSignature/CodeResources
    .xml
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/CocoaLumberjack.framework/CocoaLumberjack
    .macho macos
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/CocoaLumberjack.framework/Info.plist
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/CocoaLumberjack.framework/_CodeSignature/CodeResources
    .xml
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/DLRadioButton.framework/DLRadioButton
    .macho macos
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/DLRadioButton.framework/Info.plist
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/DLRadioButton.framework/_CodeSignature/CodeResources
    .xml
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/ECPhoneNumberFormatter.framework/ECPhoneNumberFormatter
    .macho macos
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/ECPhoneNumberFormatter.framework/Info.plist
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/ECPhoneNumberFormatter.framework/_CodeSignature/CodeResources
    .xml
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/Localytics.framework/Info.plist
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/Localytics.framework/Localytics
    .macho macos
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/Localytics.framework/_CodeSignature/CodeResources
    .xml
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/MCLocalization.framework/Info.plist
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/MCLocalization.framework/MCLocalization
    .macho macos
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/MCLocalization.framework/_CodeSignature/CodeResources
    .xml
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/Mantle.framework/Info.plist
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/Mantle.framework/Mantle
    .macho macos
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/Mantle.framework/_CodeSignature/CodeResources
    .xml
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/OMGHTTPURLRQ.framework/Info.plist
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/OMGHTTPURLRQ.framework/OMGHTTPURLRQ
    .macho macos
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/OMGHTTPURLRQ.framework/_CodeSignature/CodeResources
    .xml
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/Reachability.framework/Info.plist
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/Reachability.framework/Reachability
    .macho macos
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/Reachability.framework/_CodeSignature/CodeResources
    .xml
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/SHSPhoneComponent.framework/Info.plist
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/SHSPhoneComponent.framework/SHSPhoneComponent
    .macho macos
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/SHSPhoneComponent.framework/_CodeSignature/CodeResources
    .xml
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/SSDataSources.framework/Info.plist
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/SSDataSources.framework/SSDataSources
    .macho macos
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/SSDataSources.framework/_CodeSignature/CodeResources
    .xml
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/SSKeychain.framework/Info.plist
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/SSKeychain.framework/SSKeychain
    .macho macos
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/SSKeychain.framework/SSKeychain.bundle/en.lproj/SSKeychain.strings
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/SSKeychain.framework/_CodeSignature/CodeResources
    .xml
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/SWRevealViewController.framework/Info.plist
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/SWRevealViewController.framework/SWRevealViewController
    .macho macos
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/SWRevealViewController.framework/_CodeSignature/CodeResources
    .xml
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/Sidecar.framework/Info.plist
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/Sidecar.framework/Sidecar
    .macho macos
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/Sidecar.framework/_CodeSignature/CodeResources
    .xml
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/TPKeyboardAvoiding.framework/Info.plist
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/TPKeyboardAvoiding.framework/TPKeyboardAvoiding
    .macho macos
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/TPKeyboardAvoiding.framework/_CodeSignature/CodeResources
    .xml
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/UITextView_Placeholder.framework/Info.plist
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/UITextView_Placeholder.framework/UITextView_Placeholder
    .macho macos
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/UITextView_Placeholder.framework/_CodeSignature/CodeResources
    .xml
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/UIView_Borders.framework/Info.plist
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/UIView_Borders.framework/UIView_Borders
    .macho macos
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/UIView_Borders.framework/_CodeSignature/CodeResources
    .xml
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/libextobjc.framework/Info.plist
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/libextobjc.framework/_CodeSignature/CodeResources
    .xml
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/libextobjc.framework/libextobjc
    .macho macos
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/libswiftCore.dylib
    .macho macos
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/libswiftCoreFoundation.dylib
    .macho macos
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/libswiftCoreGraphics.dylib
    .macho macos
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/libswiftCoreImage.dylib
    .macho macos
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/libswiftDarwin.dylib
    .macho macos
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/libswiftDispatch.dylib
    .macho macos
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/libswiftFoundation.dylib
    .macho macos
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/libswiftMetal.dylib
    .macho macos
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/libswiftObjectiveC.dylib
    .macho macos
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/libswiftQuartzCore.dylib
    .macho macos
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/libswiftUIKit.dylib
    .macho macos
  • Payload/prod-rogers-advocate-enterprise.app/Frameworks/libswiftos.dylib
    .macho macos
  • Payload/prod-rogers-advocate-enterprise.app/Info.plist
    .xml
  • Payload/prod-rogers-advocate-enterprise.app/LaunchScreen.storyboardc/01J-lp-oVM-view-Ze5-6b-2t3.nib
  • Payload/prod-rogers-advocate-enterprise.app/LaunchScreen.storyboardc/Info.plist
  • Payload/prod-rogers-advocate-enterprise.app/LaunchScreen.storyboardc/UIViewController-01J-lp-oVM.nib
  • Payload/prod-rogers-advocate-enterprise.app/PkgInfo
  • Payload/prod-rogers-advocate-enterprise.app/RAVAboutViewController.nib
  • Payload/prod-rogers-advocate-enterprise.app/RAVAlertView.nib
  • Payload/prod-rogers-advocate-enterprise.app/RAVDetailsViewController.nib
  • Payload/prod-rogers-advocate-enterprise.app/RAVEditBoxView.nib
  • Payload/prod-rogers-advocate-enterprise.app/RAVIssueViewController.nib
  • Payload/prod-rogers-advocate-enterprise.app/RAVLandingViewController.nib
  • Payload/prod-rogers-advocate-enterprise.app/RAVLeftMenuViewController.nib
  • Payload/prod-rogers-advocate-enterprise.app/RAVLoginTypeSelectionViewController.nib
  • Payload/prod-rogers-advocate-enterprise.app/RAVLoginViewController.nib
  • Payload/prod-rogers-advocate-enterprise.app/RAVNavigationView.nib
  • Payload/prod-rogers-advocate-enterprise.app/RAVNetworkUnavailableView.nib
  • Payload/prod-rogers-advocate-enterprise.app/RAVReferAFriendViewController.nib
  • Payload/prod-rogers-advocate-enterprise.app/RAVResultViewController.nib
  • Payload/prod-rogers-advocate-enterprise.app/RAVReviewTableViewCell.nib
  • Payload/prod-rogers-advocate-enterprise.app/RAVReviewViewController.nib
  • Payload/prod-rogers-advocate-enterprise.app/RAVServiceCollectionViewCell.nib/objects-12.3+.nib
  • Payload/prod-rogers-advocate-enterprise.app/RAVServiceCollectionViewCell.nib/runtime.nib
  • Payload/prod-rogers-advocate-enterprise.app/RAVServicesViewController.nib
  • Payload/prod-rogers-advocate-enterprise.app/RAVSwitchView.nib
  • Payload/prod-rogers-advocate-enterprise.app/RAVWelcomeViewController.nib
  • Payload/prod-rogers-advocate-enterprise.app/Roboto-Medium.ttf
  • Payload/prod-rogers-advocate-enterprise.app/Roboto-Regular.ttf
  • Payload/prod-rogers-advocate-enterprise.app/SelectionView.nib
  • Payload/prod-rogers-advocate-enterprise.app/Settings.bundle/Acknowledgements.plist
    .xml
  • Payload/prod-rogers-advocate-enterprise.app/Settings.bundle/Root.plist
    .xml
  • Payload/prod-rogers-advocate-enterprise.app/Settings.bundle/en.lproj/Root.strings
  • Payload/prod-rogers-advocate-enterprise.app/SourceSansPro-Regular.otf
  • Payload/prod-rogers-advocate-enterprise.app/SourceSansPro-Semibold.otf
  • Payload/prod-rogers-advocate-enterprise.app/_CodeSignature/CodeResources
    .xml
  • Payload/prod-rogers-advocate-enterprise.app/about-en.html
    .html
  • Payload/prod-rogers-advocate-enterprise.app/about-fr.html
    .html
  • Payload/prod-rogers-advocate-enterprise.app/embedded.mobileprovision
  • Payload/prod-rogers-advocate-enterprise.app/fr.lproj/InfoPlist.strings
  • Payload/prod-rogers-advocate-enterprise.app/info-prod-rogers-advocate.plist
  • Payload/prod-rogers-advocate-enterprise.app/jquery-1.12.4.min.js
    .js
  • Payload/prod-rogers-advocate-enterprise.app/prod-rogers-advocate-enterprise
    .macho macos
  • Payload/prod-rogers-advocate-enterprise.app/readmore.min.js
    .js
  • Payload/prod-rogers-advocate-enterprise.app/strings.json