C:\Users\David\Documents\Git\cecil\obj\net_3_5_Release\Beebyte.Cecil.pdb
General
-
Target
Obfuscator 3.9.2.unitypackage
-
Size
1011KB
-
MD5
eec23ee78cb8632174fd30aa167ec6a6
-
SHA1
c9c7d4e3e52ce5db5620be1f4dc8ebe18907a162
-
SHA256
1bfbc012b0f9f918574e4a9532933d33a6d873fff13e656d9136fa5c2d825201
-
SHA512
7b4acb7291665f786eb48d822f5d10a91f824d9eeb0db2b68e3caa4954457e3b076e7884afd910336395d095bd644cf3d2d06816d203e5c087cf3d64da978692
-
SSDEEP
24576:AVTzxqVRjwl8SGofDAdJj7lGDq2MiAuO6DrqaAELAVuF6HRRpIcOiJphEcps/j:MqXGLsv7gqx6AJVTIoJpTpsr
Malware Config
Signatures
-
HTTP links in PDF interactive object 2 IoCs
Detects HTTP links in interactive objects within PDF files.
resource yara_rule static1/unpack001/sample pdf_with_link_action static1/unpack002/02d2e270ae961de4fb322613eb4815e3/asset pdf_with_link_action -
Unsigned PE 5 IoCs
Checks for missing Authenticode signature.
resource unpack002/17a4ace9e0958b2488d4433197bc79f9/asset unpack002/2f8c8a3fc07f10749a23a773b93b97b6/asset unpack002/4a22658590e81f24e8559971b6d77a57/asset unpack002/5a6eeb7814c8aa443b8b82084170b6d4/asset unpack002/66bd02e2746234647a685703c57241ec/asset
Files
-
Obfuscator 3.9.2.unitypackage.gz
-
sample.tar .js .pdf polyglot
-
.icon.png.png
-
004ba706b30308f49ad9214f313587c2/asset.js
-
004ba706b30308f49ad9214f313587c2/asset.meta
-
004ba706b30308f49ad9214f313587c2/pathname
-
02d2e270ae961de4fb322613eb4815e3/asset.pdf
-
https://docs.unity3d.com/Manual/ScriptCompilationAssemblyDefinitionFiles.html
-
https://en.wikipedia.org/wiki/SOLID_(object-oriented_design)
-
-
02d2e270ae961de4fb322613eb4815e3/asset.meta
-
02d2e270ae961de4fb322613eb4815e3/pathname
-
03318b5bebc7dc74cbb8a77069562661/asset
-
03318b5bebc7dc74cbb8a77069562661/asset.meta
-
03318b5bebc7dc74cbb8a77069562661/pathname
-
04b72297763b2b248a299450309ef5c3/asset
-
04b72297763b2b248a299450309ef5c3/asset.meta
-
04b72297763b2b248a299450309ef5c3/pathname
-
09a26d25512353049a7b7e8474c3895e/asset
-
09a26d25512353049a7b7e8474c3895e/asset.meta
-
09a26d25512353049a7b7e8474c3895e/pathname
-
0dd28f0e347550542af285906ff2b7b6/asset
-
0dd28f0e347550542af285906ff2b7b6/asset.meta
-
0dd28f0e347550542af285906ff2b7b6/pathname
-
0e58d2c1e4e71f44eaede1aa32269329/asset.meta
-
0e58d2c1e4e71f44eaede1aa32269329/pathname
-
127983f6e52ffcd48b32ca6570834a69/asset
-
127983f6e52ffcd48b32ca6570834a69/asset.meta
-
127983f6e52ffcd48b32ca6570834a69/pathname
-
17a4ace9e0958b2488d4433197bc79f9/asset.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
Imports
mscoree
_CorDllMain
Sections
.text Size: 327KB - Virtual size: 327KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 856B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
17a4ace9e0958b2488d4433197bc79f9/asset.meta
-
17a4ace9e0958b2488d4433197bc79f9/pathname
-
181fc9a6bda9f944d92bab048f7b24d9/asset
-
181fc9a6bda9f944d92bab048f7b24d9/asset.meta
-
181fc9a6bda9f944d92bab048f7b24d9/pathname
-
19b5fde17c327fc47b67f5109de2b5c1/asset.meta
-
19b5fde17c327fc47b67f5109de2b5c1/pathname
-
1df974fcdfd736a45b6c7abc1f21004a/asset
-
1df974fcdfd736a45b6c7abc1f21004a/asset.meta
-
1df974fcdfd736a45b6c7abc1f21004a/pathname
-
2288ab70b40614240a9d8b9992e32b5d/asset
-
2288ab70b40614240a9d8b9992e32b5d/asset.meta
-
2288ab70b40614240a9d8b9992e32b5d/pathname
-
2f8c8a3fc07f10749a23a773b93b97b6/asset.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
C:\Users\David\Documents\Git\cecil\rocks\obj\net_3_5_Release\Beebyte.Cecil.Rocks.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 24KB - Virtual size: 24KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 892B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
2f8c8a3fc07f10749a23a773b93b97b6/asset.meta
-
2f8c8a3fc07f10749a23a773b93b97b6/pathname
-
36b15db65a6bcba42aa20d57ec36dc0e/asset
-
36b15db65a6bcba42aa20d57ec36dc0e/asset.meta
-
36b15db65a6bcba42aa20d57ec36dc0e/pathname
-
394a919afd2ae05469de950ccb62fad7/asset.js
-
394a919afd2ae05469de950ccb62fad7/asset.meta
-
394a919afd2ae05469de950ccb62fad7/pathname
-
3e3ecf6bcbce4c84e9acc4cb4d8a0481/asset
-
3e3ecf6bcbce4c84e9acc4cb4d8a0481/asset.meta
-
3e3ecf6bcbce4c84e9acc4cb4d8a0481/pathname
-
4a22658590e81f24e8559971b6d77a57/asset.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
C:\Users\David\Documents\Git\cecil\symbols\pdb\obj\net_3_5_Release\Beebyte.Cecil.Pdb.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 82KB - Virtual size: 82KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 880B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
4a22658590e81f24e8559971b6d77a57/asset.meta
-
4a22658590e81f24e8559971b6d77a57/pathname
-
555e23ec41b0cea4599481f593be7b4a/asset
-
555e23ec41b0cea4599481f593be7b4a/asset.meta
-
555e23ec41b0cea4599481f593be7b4a/pathname
-
5a6eeb7814c8aa443b8b82084170b6d4/asset.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
C:\Users\David\Documents\Git\cecil\symbols\mdb\obj\net_3_5_Release\Beebyte.Cecil.Mdb.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 39KB - Virtual size: 39KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 880B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
5a6eeb7814c8aa443b8b82084170b6d4/asset.meta
-
5a6eeb7814c8aa443b8b82084170b6d4/pathname
-
66bd02e2746234647a685703c57241ec/asset.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
C:\Users\David\Documents\Git\Obfuscator\Main\bin\Release\obfuscator.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
66bd02e2746234647a685703c57241ec/asset.meta
-
66bd02e2746234647a685703c57241ec/pathname
-
6c710f8c964a32a4bb73f15b7e8bf7db/asset.meta
-
6c710f8c964a32a4bb73f15b7e8bf7db/pathname
-
711b9ff7066f3ec459cd07638a83395a/asset.meta
-
711b9ff7066f3ec459cd07638a83395a/pathname
-
728ddb37c92a36e45a166a4f403334eb/asset.meta
-
728ddb37c92a36e45a166a4f403334eb/pathname
-
82b8519c2b68ec346a26608597706bb6/asset
-
82b8519c2b68ec346a26608597706bb6/asset.meta
-
82b8519c2b68ec346a26608597706bb6/pathname
-
91c4b3f6a3ac7854cb305ce1f2707fa2/asset.js
-
91c4b3f6a3ac7854cb305ce1f2707fa2/asset.meta
-
91c4b3f6a3ac7854cb305ce1f2707fa2/pathname
-
a36e5eb7b0b859e4ba76abeef0cf6e0b/asset.meta
-
a36e5eb7b0b859e4ba76abeef0cf6e0b/pathname
-
a90e2dac090cc6844aedc1fa9c457ac5/asset
-
a90e2dac090cc6844aedc1fa9c457ac5/asset.meta
-
a90e2dac090cc6844aedc1fa9c457ac5/pathname
-
b489aabd28c6fcd47ba0e3800e63c008/asset
-
b489aabd28c6fcd47ba0e3800e63c008/asset.meta
-
b489aabd28c6fcd47ba0e3800e63c008/pathname
-
c1c2517caf2151c4db5cd7f23599215d/asset.meta
-
c1c2517caf2151c4db5cd7f23599215d/pathname
-
c209dcdf03e74ef2a8a2499bbbc6ac47/asset.js
-
c209dcdf03e74ef2a8a2499bbbc6ac47/asset.meta
-
c209dcdf03e74ef2a8a2499bbbc6ac47/pathname
-
d048d941eb0d44c1b2321e1feaa06fc0/asset.js
-
d048d941eb0d44c1b2321e1feaa06fc0/asset.meta
-
d048d941eb0d44c1b2321e1feaa06fc0/pathname
-
deaebd23fa7658a449def3d74a4cb94f/asset
-
deaebd23fa7658a449def3d74a4cb94f/asset.meta
-
deaebd23fa7658a449def3d74a4cb94f/pathname
-
df23ccf9e7363654e984640681ae86cd/asset.meta
-
df23ccf9e7363654e984640681ae86cd/pathname
-
e09e48f79ca11e348bc98b1cf8e479ae/asset
-
e09e48f79ca11e348bc98b1cf8e479ae/asset.meta
-
e09e48f79ca11e348bc98b1cf8e479ae/pathname
-
eadea68d080befc40bf4a084b6e50974/asset.meta
-
eadea68d080befc40bf4a084b6e50974/pathname
-
eeac2113ec2cb364fa42782c57e2c802/asset
-
eeac2113ec2cb364fa42782c57e2c802/asset.meta
-
eeac2113ec2cb364fa42782c57e2c802/pathname
-
ff2dce0e10fe14e4db5cb44f88208d4c/asset
-
ff2dce0e10fe14e4db5cb44f88208d4c/asset.meta
-
ff2dce0e10fe14e4db5cb44f88208d4c/pathname