Overview

overview

6

Static

static

6

Payload/ES...ts.pdf

windows7-x64

1

Payload/ES...ts.pdf

windows10-2004-x64

1

Payload/ES.../ESign

macos-10.15-amd64

1

Payload/ES...x.html

windows7-x64

1

Payload/ES...x.html

windows10-2004-x64

1

Payload/ES...min.js

windows7-x64

1

Payload/ES...min.js

windows10-2004-x64

1

Payload/ES...min.js

windows7-x64

1

Payload/ES...min.js

windows10-2004-x64

1

Payload/ES...dex.js

windows7-x64

1

Payload/ES...dex.js

windows10-2004-x64

1

Payload/ES...oad.js

windows7-x64

1

Payload/ES...oad.js

windows10-2004-x64

1

Payload/ES...ort.js

windows7-x64

1

Payload/ES...ort.js

windows10-2004-x64

1

Payload/ES...ble.js

windows7-x64

1

Payload/ES...ble.js

windows10-2004-x64

1

Payload/ES...min.js

windows7-x64

1

Payload/ES...min.js

windows10-2004-x64

1

Payload/ES...get.js

windows7-x64

1

Payload/ES...get.js

windows10-2004-x64

1

Payload/ES...min.js

windows7-x64

1

Payload/ES...min.js

windows10-2004-x64

1

Payload/ES...min.js

windows7-x64

1

Payload/ES...min.js

windows10-2004-x64

1

Payload/ES...ts.pdf

windows7-x64

1

Payload/ES...ts.pdf

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    esign_4.8.2_unsigned.ipa

  • Size

    6.8MB

  • MD5

    825de48ae929d503e838c6952ff2fc77

  • SHA1

    3199e665fed56762817cf486879177decd1200a5

  • SHA256

    b88e6154aeb1c8505580917f36abef82ab4033e871559ed3634d90f9a144131f

  • SHA512

    c365b94d3291bd660ea3deced8dfdd0e0579cdd7b5576cb2e20ec582fd52af1adf56aab17b9ea7dbfd3cd1dd2d5bd33faf58b4d6ad6093ef28704ef97fd4a4fa

  • SSDEEP

    196608:P9aU4a6TMoyz7g90hrjhXcvPvHcQWVwheDjkX4Z:PD6Tj80wrFMvPv8TuheXkXo

Score
6/10
pdfevasion

Malware Config

Signatures

  • Malformed or missing cross-reference table in PDF

    Malformed or missing cross-reference tables are often used to evade detection

    pdfevasion

Files

  • esign_4.8.2_unsigned.ipa
    .zip
  • Payload/ESign.app/[email protected]
    .png
  • Payload/ESign.app/AppIcon76x76@2x~ipad.png
    .png
  • Payload/ESign.app/Assets.car
    .pdf
  • Payload/ESign.app/Assets_noVoice.mp3
  • Payload/ESign.app/Base.lproj/LaunchScreen.storyboardc/01J-lp-oVM-view-Ze5-6b-2t3.nib
  • Payload/ESign.app/Base.lproj/LaunchScreen.storyboardc/Info.plist
  • Payload/ESign.app/Base.lproj/LaunchScreen.storyboardc/UIViewController-01J-lp-oVM.nib
  • Payload/ESign.app/Base.lproj/Main.storyboardc/BYZ-38-t0r-view-8bC-Xf-vdC.nib
  • Payload/ESign.app/Base.lproj/Main.storyboardc/Info.plist
  • Payload/ESign.app/Base.lproj/Main.storyboardc/UINavigationController-tmn-gx-rew.nib
  • Payload/ESign.app/EFileLogo.png
    .png
  • Payload/ESign.app/ESign
    .macho macos
  • Payload/ESign.app/ESignDebugLogo.png
    .png
  • Payload/ESign.app/ESignLogo.png
    .png
  • Payload/ESign.app/GCDWebUploader.bundle/Contents/Info.plist
  • Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/css/bootstrap-theme.css
  • Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/css/bootstrap.css
  • Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/css/index.css
  • Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/css/jquery.fileupload.css
  • Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/en.lproj/Localizable.strings
  • Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/fonts/glyphicons-halflings-regular.eot
  • Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/fonts/glyphicons-halflings-regular.svg
    .xml
  • Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/fonts/glyphicons-halflings-regular.ttf
  • Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/fonts/glyphicons-halflings-regular.woff
  • Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/index.html
  • Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/bootstrap.min.js
    .js
  • Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/html5shiv.min.js
    .js
  • Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/index.js
    .js
  • Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/jquery.fileupload.js
    .js
  • Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/jquery.iframe-transport.js
    .js
  • Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/jquery.jeditable.js
    .js
  • Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/jquery.min.js
    .js
  • Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/jquery.ui.widget.js
    .js
  • Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/respond.min.js
    .js
  • Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/js/tmpl.min.js
    .js
  • Payload/ESign.app/GCDWebUploader.bundle/Contents/Resources/zh-Hans.lproj/Localizable.strings
  • Payload/ESign.app/Info.plist
    .xml
  • Payload/ESign.app/LICENSE
  • Payload/ESign.app/LICENSE_CN
  • Payload/ESign.app/MJRefresh.bundle/[email protected]
    .png
  • Payload/ESign.app/MJRefresh.bundle/en.lproj/Localizable.strings
  • Payload/ESign.app/MJRefresh.bundle/ko.lproj/Localizable.strings
  • Payload/ESign.app/MJRefresh.bundle/ru.lproj/Localizable.strings
  • Payload/ESign.app/MJRefresh.bundle/[email protected]
    .png
  • Payload/ESign.app/MJRefresh.bundle/uk.lproj/Localizable.strings
  • Payload/ESign.app/MJRefresh.bundle/zh-Hans.lproj/Localizable.strings
  • Payload/ESign.app/MJRefresh.bundle/zh-Hant.lproj/Localizable.strings
  • Payload/ESign.app/PkgInfo
  • Payload/ESign.app/QMUIResources.bundle/Assets.car
    .pdf
  • Payload/ESign.app/QMUIResources.bundle/Info.plist
  • Payload/ESign.app/_CodeSignature/CodeResources
    .xml
  • Payload/ESign.app/ar.lproj/Localizable.strings
  • Payload/ESign.app/ckb.lproj/Localizable.strings
  • Payload/ESign.app/embedded.mobileprovision
  • Payload/ESign.app/en.lproj/InfoPlist.strings
  • Payload/ESign.app/en.lproj/Localizable.strings
  • Payload/ESign.app/fr.lproj/Localizable.strings
  • Payload/ESign.app/pt-BR.lproj/Localizable.strings
  • Payload/ESign.app/ru.lproj/Localizable.strings
  • Payload/ESign.app/signed.mobileconfig
  • Payload/ESign.app/signed_en.mobileconfig
  • Payload/ESign.app/vi.lproj/Localizable.strings
  • Payload/ESign.app/zh-HK.lproj/InfoPlist.strings
  • Payload/ESign.app/zh-HK.lproj/Localizable.strings
  • Payload/ESign.app/zh-Hans.lproj/InfoPlist.strings
  • Payload/ESign.app/zh-Hans.lproj/Localizable.strings
  • Payload/ESign.app/zh-Hant.lproj/InfoPlist.strings
  • Payload/ESign.app/zh-Hant.lproj/Localizable.strings