Материал для обучения[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

Материал для обучения.zip
Size

6.8MB
MD5

a801314886b12f6901448178927e2a45
SHA1

d34d1c5b0d5e8f0a2b6a9dd10873c2b5acfe62ff
SHA256

3acc94e3b4e07660c4f7951ce9c8d0e9fb84721a60b432fb26167011c174989a
SHA512

4da713a151676d6c646ba3d602fc33db0dd666cf6a820e0e5a64d63b9685dc5130e06736d7b7974a3996b554f28c1f698ee5e4793956c8f029511ed32b967e3a
SSDEEP

98304:hN3LCBVVlGVaqmpiwW75T/PTB6BZXO85D2qr5GdaxPC0sMRs6oJD/e2hZAQPg:hNOs1wWRTB6BZXO89Hr5pjsOjg/DZAQI

Score

4^/10

pdf link

Malware Config

Signatures

HTTP links in PDF interactive object 1 IoCs

Detects HTTP links in interactive objects within PDF files.

pdf link

resource	yara_rule
static1/unpack001/ਠ/稥 .pdf	pdf_with_link_action

One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
pdf link

Files

Материал для обучения.zip
.zip
DjvuReader_2.0.exe
.exe windows:4 windows x86 arch:x86

Code Sign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9d
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

19/01/2010, 00:00

Not After

18/01/2038, 23:59

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

bc:29:15:f4:44:1b:9d:8a:c3:4d:01:05:8c:89:ea:e7
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

26/08/2015, 00:00

Not After

25/08/2016, 23:59

Subject

CN=\"IKO-PROF\"\, OOO,O=\"IKO-PROF\"\, OOO,POSTALCODE=192019,STREET=2-y Luch\, 16 Ofis\, 45,L=Saint-Petersburg,ST=Saint-Petersburg,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

63:57:bf:61:c2:d1:99:ea:fb:8f:f7:ff:e7:4a:03:6d:a2:a8:db:45
Signer

Actual PE Digest

63:57:bf:61:c2:d1:99:ea:fb:8f:f7:ff:e7:4a:03:6d:a2:a8:db:45

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 454KB - Virtual size: 456KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 9KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 438KB - Virtual size: 440KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Материал\Горячие клавиши.xls
.xls windows office2003
ਠ/Excel_  । ஢ .xlsm
.xlsm office2007
ਠ/稥 .pdf
.pdf
- http://www.ejik7.com/
- http://www.hot-keys.ru/
- http://www.hot-keys.ru/subs.html
ਠ/譥  1.xlsx
.xlsx office2007
ਠ/譥  2.xlsx
.xlsx office2007
ਠ/譥  3.xlsx
.xlsx office2007
ਠ/譥  4.xlsx
.xlsx office2007
ਠ/  .xlsx
.xlsx office2007
ਠ/ 襭.xlsx
.xlsx office2007
ਠ/᪨ 㭪樨.xlsx
.xlsx office2007
ਠ/   1.xlsx
.xlsx office2007
ਠ/   2.xlsx
.xlsx office2007
ਠ/   3.xlsx
.xlsx office2007
ਠ/   4.xlsx
.xlsx office2007
ਠ/ ⠭.xlsx
.xlsx office2007
 ., 䨫 . Microsoft Excel 2007  砩 (2007).djvu
.djvu

Sharing

General

Malware Config

Signatures

Files

Code Sign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:afCertificate

Extended Key Usages

Key Usages

4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9dCertificate

Key Usages

bc:29:15:f4:44:1b:9d:8a:c3:4d:01:05:8c:89:ea:e7Certificate

Extended Key Usages

Key Usages

63:57:bf:61:c2:d1:99:ea:fb:8f:f7:ff:e7:4a:03:6d:a2:a8:db:45Signer

Headers

File Characteristics

Sections

CODE Size: 454KB - Virtual size: 456KB

DATA Size: 9KB - Virtual size: 16KB

.idata Size: 5KB - Virtual size: 8KB

.rdata Size: 438KB - Virtual size: 440KB

.rsrc Size: 71KB - Virtual size: 71KB

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9d
Certificate

bc:29:15:f4:44:1b:9d:8a:c3:4d:01:05:8c:89:ea:e7
Certificate

63:57:bf:61:c2:d1:99:ea:fb:8f:f7:ff:e7:4a:03:6d:a2:a8:db:45
Signer

CODE
Size: 454KB - Virtual size: 456KB

DATA
Size: 9KB - Virtual size: 16KB

.idata
Size: 5KB - Virtual size: 8KB

.rdata
Size: 438KB - Virtual size: 440KB

.rsrc
Size: 71KB - Virtual size: 71KB