General

  • Target

    a502bc85e085655d21a69ca05c1b8e22_JaffaCakes118

  • Size

    9.1MB

  • MD5

    a502bc85e085655d21a69ca05c1b8e22

  • SHA1

    cf283bebba0b75def2c21762f98e8e352a3fa578

  • SHA256

    f6f161bde933a77243f8107a7d1c75c628d5e8c654f84296325ab24596d04480

  • SHA512

    b989c5f1358b2778c5cd03245570f92ec7b7cbe5e8885fa46098f654c8ed89739fabe7c6e43d8cbb5e9d8530d443668470ec29478dfd214b00739cc291b44de1

  • SSDEEP

    196608:5c4BiYq0D9y2jkLtyUK2Vb/c4BiYq0D9y2jkLtyUK2Vb0ZZmtUzLMBTNcC3A:5cKiYvD0Dss5/cKiYvD0Dss5FUzLMBT0

Score
3/10

Signatures

  • One or more HTTP URLs in PDF identified

    Detects presence of HTTP links in PDF files.

  • Unsigned PE (2 IoCs)

    Checks for missing Authenticode signature.

Files

  • a502bc85e085655d21a69ca05c1b8e22_JaffaCakes118
    .rar
  • Frombyte Recovery For DV v2.1.exe
    .exe windows:4 windows x86 arch:x86

    5edc6074230533662535ae9981b4b69d


  • Frombyte_Recovery_For_DV/Frombyte Recovery For DV v2.1.exe
    .exe windows:4 windows x86 arch:x86

    5edc6074230533662535ae9981b4b69d


  • Frombyte_Recovery_For_DV/北亚摄像机恢复软件V2.1文档.doc
    .doc windows office2003
  • Frombyte_Recovery_For_DV/北亚摄像机数据恢复软件使用说明 .pdf
    .pdf
    • http://www.fromyte.cn

  • 使用说明.pdf
    .pdf
    • http://www.fromyte.cn