Overview

overview

7

Static

static

7

Overcoming...ss.doc

windows7-x64

4

Overcoming...ss.doc

windows10-2004-x64

1

Overcoming...ss.odt

windows7-x64

4

Overcoming...ss.odt

windows10-2004-x64

1

Overcoming...ss.pdf

windows7-x64

1

Overcoming...ss.pdf

windows10-2004-x64

1

Overcoming...le.pdf

windows7-x64

1

Overcoming...le.pdf

windows10-2004-x64

1

Overcoming...nd.exe

windows7-x64

7

Overcoming...nd.exe

windows10-2004-x64

7

Overcoming...ts.pdf

windows7-x64

1

Overcoming...ts.pdf

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    2d275a2817c8b7917eff0231d74f3c2f4fa1ad11c5192ab94d52b70ec788f05f.zip.zip

  • Size

    1013KB

  • MD5

    667a76363ed82a347974b57340fd2faf

  • SHA1

    94a2b7a7bbd4cba19bc8bcff9d8a870a3792a575

  • SHA256

    1c490483a0baf4fdee61b9ee26b8c90a3ac7e382a1f632c19e172ac94f356c37

  • SHA512

    76570d2138b7647c3d1d2960574d290ee23db5080e962dd8ab890e7e32fa1b2dc1e6b711a9f89114ffec5834cef81cb17e134830525b38184117cb6d22a338fe

  • SSDEEP

    24576:9slt0kmYgPAOcfc/FpWDhYBoO24XTw9SNVwBRpvo:9svgPAO1FpWDeKOhTrNiRpQ

Score
7/10
pdflinkupx

Malware Config

Signatures

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • HTTP links in PDF interactive object 1 IoCs

    Detects HTTP links in interactive objects within PDF files.

    pdflink
  • One or more HTTP URLs in PDF identified

    Detects presence of HTTP links in PDF files.

    pdflink
  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • 2d275a2817c8b7917eff0231d74f3c2f4fa1ad11c5192ab94d52b70ec788f05f.zip.zip
    .zip

    Password: infected

  • 2d275a2817c8b7917eff0231d74f3c2f4fa1ad11c5192ab94d52b70ec788f05f.zip
    .zip
  • OvercomingLoneliness/3D.jpg
    .jpg
  • OvercomingLoneliness/BrandingInstructions.txt
  • OvercomingLoneliness/OvercomingLoneliness.doc
    .doc windows office2003
  • OvercomingLoneliness/OvercomingLoneliness.odt
    .odt openoffice
  • OvercomingLoneliness/OvercomingLoneliness.pdf
    .pdf

    • http://toplevel.ericstips.hop.clickbank.net/

    • http://toplevel.exrecsys.hop.clickbank.net/

    • http://toplevel.darekw.hop.clickbank.net/

    • http://toplevel.deprfree.hop.clickbank.net/

  • OvercomingLoneliness/OvercomingLonelinessBrandable.pdf
    .pdf

    • http://-8-yourclickbankid$toplevel-8-.ericstips.hop.clickbank.net/

    • http://-8-yourclickbankid$toplevel-8-.exrecsys.hop.clickbank.net/

    • http://-8-yourclickbankid$toplevel-8-.darekw.hop.clickbank.net/

    • http://-8-yourclickbankid$toplevel-8-.deprfree.hop.clickbank.net/

  • OvercomingLoneliness/PDFBrand.exe
    .exe windows:4 windows x86


    Headers

    Sections

  • out.upx
    .exe windows:4 windows x86


    Headers

    Sections

  • OvercomingLoneliness/PLR Assassin Private Label Rights.pdf
    .pdf

    • http://www.plrassassin.com/

    • http://www.plrassassin.com/blog

    • http://www.articlegrand.com/

    • http://ArticleGrand.com

  • OvercomingLoneliness/flat.jpg
    .jpg