General

  • Target

    a35314332b7515738feb8e317783dcec

  • Size

    728KB

  • MD5

    a35314332b7515738feb8e317783dcec

  • SHA1

    5754f1c92b196536915172907479a1bbe4682e49

  • SHA256

    39111d645d7545f09c5c2180f44f9d59bfc0c3010d63735eb43293040ce34514

  • SHA512

    00c69f21543233765268498342291621ab733ed9ef18c57bba6669ad52528acfa7ef8614938dcb407a28e956916b468d8755e43194a8fdbc9a6a81f6e58cb00a

  • SSDEEP

    12288:SL1KrbQ9Jh3iR2nz1Y9QxiQJBr/t7bvkx4puOnYRVqEVTkLCYB6ePSpCIcEMI2yj:A1eUQR2z1TxiEBrxp5nYWEVo2ODYCIcI

Score
6/10

Malware Config

Signatures

  • Malformed or missing cross-reference table in PDF

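    Malformed or missing cross-reference (xref) tables are often used to evade detection: lenient PDF readers rebuild the table and still open the file, while stricter scanners may fail to parse it. This is a static heuristic and also fires on truncated or embedded PDF data, so it marks a file for inspection rather than confirming an exploit. The report does not name the file that triggered it; it was presumably one of the entries tagged .pdf under Files.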

Files

  • a35314332b7515738feb8e317783dcec
    .gz
  • sample
    .tar
  • bha_tools/Jynx-Kit/Makefile
  • bha_tools/Jynx-Kit/README
  • bha_tools/Jynx-Kit/bc.c
  • bha_tools/Jynx-Kit/config.h
  • bha_tools/Jynx-Kit/ld_poison.c
  • bha_tools/Jynx-Kit/packer.sh
    .sh linux
  • bha_tools/bleeding-life-2/add_visitor.php
  • bha_tools/bleeding-life-2/config.php
  • bha_tools/bleeding-life-2/disclaimer.txt
  • bha_tools/bleeding-life-2/download_file.php
  • bha_tools/bleeding-life-2/include/PluginDetect.js
    .js
  • bha_tools/bleeding-life-2/include/ascii85.php
    .js
  • bha_tools/bleeding-life-2/include/browser.php
  • bha_tools/bleeding-life-2/include/getJavaInfo.jar
    .zip
  • A.class
  • bha_tools/bleeding-life-2/include/ip-to-country.bin
  • bha_tools/bleeding-life-2/include/ip2c.php
    .js
  • bha_tools/bleeding-life-2/include/shellcode.php
  • bha_tools/bleeding-life-2/include/sql.php
    .js
  • bha_tools/bleeding-life-2/include/util.php
  • bha_tools/bleeding-life-2/include/visitors.php
    .js
  • bha_tools/bleeding-life-2/index.php
    .js
  • bha_tools/bleeding-life-2/install/index.php
  • bha_tools/bleeding-life-2/load_module.php
  • bha_tools/bleeding-life-2/modules/Adobe-2008-2992.php
    .pdf
  • bha_tools/bleeding-life-2/modules/Adobe-2010-1297.php
    .pdf .js polyglot
  • bha_tools/bleeding-life-2/modules/Adobe-2010-2884.php
    .pdf .js polyglot
  • bha_tools/bleeding-life-2/modules/Adobe-80-2010-0188.php
    .pdf
  • bha_tools/bleeding-life-2/modules/Adobe-90-2010-0188.php
    .pdf
  • bha_tools/bleeding-life-2/modules/Java-2010-0842.php
  • bha_tools/bleeding-life-2/modules/Java-2010-3552.php
  • bha_tools/bleeding-life-2/modules/JavaSignedApplet.php
  • bha_tools/bleeding-life-2/modules/helpers/Adobe-2010-1297.swf
  • bha_tools/bleeding-life-2/modules/helpers/Adobe-2010-2884.swf
  • bha_tools/bleeding-life-2/modules/helpers/Java-2010-0842.jar
    .jar
  • bha_tools/bleeding-life-2/modules/helpers/Java-2010-0842Helper.php
  • bha_tools/bleeding-life-2/modules/helpers/JavaSignedApplet.jar
    .jar
  • bha_tools/bleeding-life-2/statistics/clear.php
  • bha_tools/bleeding-life-2/statistics/css/styles.css
  • bha_tools/bleeding-life-2/statistics/images/clear.png
    .png
  • bha_tools/bleeding-life-2/statistics/images/clear_hover.png
    .png
  • bha_tools/bleeding-life-2/statistics/images/logo.png
    .png
  • bha_tools/bleeding-life-2/statistics/images/logout.png
    .png
  • bha_tools/bleeding-life-2/statistics/images/logout_hover.png
    .png
  • bha_tools/bleeding-life-2/statistics/images/middlebar.png
    .png
  • bha_tools/bleeding-life-2/statistics/images/spacer.png
    .png
  • bha_tools/bleeding-life-2/statistics/images/spacer2.png
    .png
  • bha_tools/bleeding-life-2/statistics/index.php
  • bha_tools/bleeding-life-2/statistics/login.php
  • bha_tools/bleeding-life-2/statistics/logout.php
  • bha_tools/bleeding-life-2/statistics/statistics.php
    .js
  • bha_tools/bleeding-life-2/statistics/update.php
  • bha_tools/gscrape/gscrape.pl
    .pl .sh linux
  • bha_tools/jynx2/Makefile
  • bha_tools/jynx2/README
  • bha_tools/jynx2/config.h
  • bha_tools/jynx2/jynx2.c
  • bha_tools/jynx2/packer.sh
    .sh linux
  • bha_tools/jynx2/reality.c
  • bha_tools/kolkata/LW2.pm
    .sh .ps1 linux polyglot
  • bha_tools/kolkata/kolkata.pl
    .pl .sh linux
  • bha_tools/kolkata/sigs/joomla.yml
  • bha_tools/kolkata/sigs/mediawiki.yml
  • bha_tools/kolkata/sigs/wordpress.yml
  • bha_tools/lfi_autopwn/lfi_autopwn.pl
    .pl .sh linux
  • bha_tools/mysql5enum/mysql5enum.pl
    .pl .sh linux
  • bha_tools/vanguard-public/LW2.pm
    .sh .ps1 linux polyglot
  • bha_tools/vanguard-public/Vanguard.pm
    .sh linux
  • bha_tools/vanguard-public/Vanguard/API.pm
  • bha_tools/vanguard-public/Vanguard/Module.pm
  • bha_tools/vanguard-public/Vanguard/Queue.pm
  • bha_tools/vanguard-public/Vanguard/Vector.pm
  • bha_tools/vanguard-public/config.yml
  • bha_tools/vanguard-public/modules/api/SHELL/SHELL.pm
  • bha_tools/vanguard-public/modules/api/WEBAPPS/WEBAPPS.pm
  • bha_tools/vanguard-public/modules/recon/CRAWL/CRAWL.pm
  • bha_tools/vanguard-public/modules/recon/CRAWL/conf.yml
  • bha_tools/vanguard-public/modules/recon/NMAP/NMAP.pm
  • bha_tools/vanguard-public/modules/recon/NMAP/conf.yml
  • bha_tools/vanguard-public/modules/test/LDAP_GET/LDAP_GET.pm
  • bha_tools/vanguard-public/modules/test/LDAP_GET/conf.yml
  • bha_tools/vanguard-public/modules/test/LDAP_POST/LDAP_POST.pm
  • bha_tools/vanguard-public/modules/test/LDAP_POST/conf.yml
  • bha_tools/vanguard-public/modules/test/LFI_GET/LFI_GET.pm
  • bha_tools/vanguard-public/modules/test/LFI_GET/conf.yml
  • bha_tools/vanguard-public/modules/test/LFI_POST/LFI_POST.pm
  • bha_tools/vanguard-public/modules/test/LFI_POST/conf.yml
  • bha_tools/vanguard-public/modules/test/RCI_GET/RCI_GET.pm
  • bha_tools/vanguard-public/modules/test/RCI_GET/conf.yml
  • bha_tools/vanguard-public/modules/test/RCI_POST/RCI_POST.pm
  • bha_tools/vanguard-public/modules/test/RCI_POST/conf.yml
  • bha_tools/vanguard-public/modules/test/RFI_GET/RFI_GET.pm
  • bha_tools/vanguard-public/modules/test/RFI_GET/conf.yml
  • bha_tools/vanguard-public/modules/test/RFI_POST/RFI_POST.pm
  • bha_tools/vanguard-public/modules/test/RFI_POST/conf.yml
  • bha_tools/vanguard-public/modules/test/SQL_GET/SQL_GET.pm
  • bha_tools/vanguard-public/modules/test/SQL_GET/conf.yml
  • bha_tools/vanguard-public/modules/test/SQL_POST/SQL_POST.pm
  • bha_tools/vanguard-public/modules/test/SQL_POST/conf.yml
  • bha_tools/vanguard-public/modules/test/XSS_GET/XSS_GET.pm
    .ps1
  • bha_tools/vanguard-public/modules/test/XSS_POST/XSS_POST.pm
    .ps1
  • bha_tools/vanguard-public/scan.pl
    .pl .sh linux