General

  • Target

    05a12676dbbfa3e35001e5fd37b81bdc_JaffaCakes118

  • Size

    754KB

  • MD5

    05a12676dbbfa3e35001e5fd37b81bdc

  • SHA1

    201b99f12cacf347e48f63ba72d7fc0998b7eb03

  • SHA256

    391e080880375fe93108469b21d9312d244bdd86b5f8276793117dfcbcf2245c

  • SHA512

    51aab33025572fe3229baef9d33e3e4a02222323f165c09ee287ffb7e31878babbe300eac423aa190267a1c45beb582b177394806155a759da212865bf4e372a

  • SSDEEP

    12288:n/Kl0Nd8sozzM9LCffdoBKAWtadWBW7DnY+b7Y75a84dk98G9Zy98giAVDt6GC/I:/K08RM9OflQWt9abF7dk9PwTpJYI

Score
7/10

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • One or more HTTP URLs in PDF identified

    Detects presence of HTTP links in PDF files.

  • Unsigned PE 3 IoCs

    Checks for missing Authenticode signature.

Files

  • 05a12676dbbfa3e35001e5fd37b81bdc_JaffaCakes118
    .rar
  • FreeDOS.bin
    .zip
  • Manual.pdf
    .pdf
    • http://lilo.co

    • http://partitons.tt

    • http://support.microsoft.com/support/kb/articles/q197/6/67.aspInstallation

    • http://www.freedos.org

    • http://www.freedos.org/See

    • http://www.star-tools.com/All

  • Order.txt
  • PAD_File.xml
    .xml
  • PARTINFO.EXE
  • PSDOS.EXE
  • PSDOS.HLP
  • PSWin.cnt
  • PSWin.exe
    .exe windows:1 windows x86 arch:x86



  • PSWin.hlp
  • ReadMe.txt
  • Setup.exe
    .exe windows:1 windows x86 arch:x86



  • out.upx
    .exe windows:1 windows x86 arch:x86



  • Setup.inf
  • 下载说明.htm
    .html .js polyglot