Overview

overview

7

Static

static

4

ZOomStats ...on.pdf

windows7-x64

1

ZOomStats ...on.pdf

windows10-2004-x64

1

hotlist_zo...ro.exe

windows7-x64

7

hotlist_zo...ro.exe

windows10-2004-x64

7

salespage/index.html

windows7-x64

1

salespage/index.html

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    252a6d07449e062ed3d7e787de222179_JaffaCakes118

  • Size

    1.2MB

  • MD5

    252a6d07449e062ed3d7e787de222179

  • SHA1

    0dea2e256c72d9ea5226fd0c182a55ba146639c5

  • SHA256

    5ace602b291e05f8ad232b6aebffac1ab4aed095802f013ae61e95bc7102c89e

  • SHA512

    6cf32eb2f6ca513d7ad60f4b72cc6429cfd3a250049e0c88b0c5c929006389116eb9e4ae45cedcf3ab8cc08ece33d184ac338093cc24397db7828c0e2c52ca50

  • SSDEEP

    24576:n/pewE2oW3EfIZQSWfPWuCwd3asWgUKoZYWtOvUzDiDDowsvL1S:/kwN3CNSGPWujMsLUKo1OvUfwEwQ1S

Score
4/10
pdflink

Malware Config

Signatures

  • HTTP links in PDF interactive object 1 IoCs

    Detects HTTP links in interactive objects within PDF files.

    pdflink
  • One or more HTTP URLs in PDF identified

    Detects presence of HTTP links in PDF files.

    pdflink
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 252a6d07449e062ed3d7e787de222179_JaffaCakes118
    .zip
  • !!README_FIRST!!.txt
  • ZOomStats PRO Installation.pdf
    .pdf

    • http://campaignignitor.com/help/scr/Installing%20In%20Root%20Directory.htm

    • http://campaignignitor.com/help/scr/Installing%20In%20Sub-Domains_%20Sub-Folders%20Or%20Add%20On%20Domains.htm

    • http://campaignignitor.com/help/scr/Installing%20Into%20An%20Add%20On%20Domain%20Directory.htm

    • http://sdtadvertising.com/hotlist

    • http://www.santasbiggiveaway.com/contributor.php?id=1

    • http://www.yourdomain.com/ilm/chmod.php

  • hotlist_zoomstatspro.exe
    .exe windows:4 windows x86 arch:x86

    c9a2ba581bf62a7bc6b37b5dd24602ce


    Headers

    Imports

    Sections

  • salespage/images/Thumbs.db
  • salespage/images/adsensefeeds.png
    .png
  • salespage/images/announcing.gif
    .gif
  • salespage/images/arrows.jpg
    .jpg
  • salespage/images/attention_all.gif
    .gif
  • salespage/images/badge_guar-90-d_red.png
    .png
  • salespage/images/bg.png
    .png
  • salespage/images/bg_grey.png
    .png
  • salespage/images/bodybg.png
    .png
  • salespage/images/checked.gif
    .gif
  • salespage/images/click_this_link.jpg
    .jpg
  • salespage/images/credit.jpg
    .jpg
  • salespage/images/done_for_you.jpg
    .jpg
  • salespage/images/download-now_blue.gif
    .gif
  • salespage/images/download-now_red.png
    .png
  • salespage/images/download.jpg
    .jpg
  • salespage/images/feat1.jpg
    .jpg
  • salespage/images/feat1.png
    .png
  • salespage/images/feat2.jpg
    .jpg
  • salespage/images/feat3.jpg
    .jpg
  • salespage/images/feat4.jpg
    .jpg
  • salespage/images/feat5.jpg
    .jpg
  • salespage/images/feat6.jpg
    .jpg
  • salespage/images/feat7.jpg
    .jpg
  • salespage/images/feat8.jpg
    .jpg
  • salespage/images/feat9.jpg
    .jpg
  • salespage/images/feat9.png
    .png
  • salespage/images/ff_bg.gif
    .gif
  • salespage/images/guaranteed.gif
    .gif
  • salespage/images/jahn-sig.jpg
    .jpg
  • salespage/images/l_cornerbottom.png
    .png
  • salespage/images/l_cornertop.png
    .png
  • salespage/images/maintemplate_02.png
    .png
  • salespage/images/maintemplate_03.png
    .png
  • salespage/images/maintemplate_04.png
    .png
  • salespage/images/maintemplate_05.png
    .png
  • salespage/images/maintemplate_06.png
    .png
  • salespage/images/maintemplate_07.png
    .png
  • salespage/images/maintemplate_07_01 copy.png
    .png
  • salespage/images/maintemplate_07_01.png
    .png
  • salespage/images/maintemplate_07_02.png
    .png
  • salespage/images/maintemplate_07_03.png
    .png
  • salespage/images/maintemplate_07_04.png
    .png
  • salespage/images/prof.jpg
    .jpg
  • salespage/images/r_cornerbottom.png
    .png
  • salespage/images/r_cornertop.png
    .png
  • salespage/images/spacer.gif
    .gif
  • salespage/images/stamplost.png
    .png
  • salespage/images/start-now_red.png
    .png
  • salespage/images/template_13.png
    .png
  • salespage/images/template_14.png
    .png
  • salespage/images/template_15.png
    .png
  • salespage/images/template_16.png
    .png
  • salespage/images/zoom250.jpg
    .jpg
  • salespage/images/zoom350_01.jpg
    .jpg
  • salespage/images/zoom350_02.jpg
    .jpg
  • salespage/images/zoom350_03.jpg
    .jpg
  • salespage/images/zoom350_04.jpg
    .jpg
  • salespage/images/zoom350_05.jpg
    .jpg
  • salespage/images/zoom350_06.jpg
    .jpg
  • salespage/images/zoom500_01.jpg
    .jpg
  • salespage/images/zoom500_02.jpg
    .jpg
  • salespage/images/zoom500_03.jpg
    .jpg
  • salespage/images/zoom500_04.jpg
    .jpg
  • salespage/images/zoom500_05.jpg
    .jpg
  • salespage/images/zoom500_06.jpg
    .jpg
  • salespage/index.html
    .html
  • salespage/styles.css