General

  • Target

    c19dc5d2afdc3956e5697c49ed08cab4_JaffaCakes118

  • Size

    701KB

  • MD5

    c19dc5d2afdc3956e5697c49ed08cab4

  • SHA1

    afcd73b0c2556d3e2adc52053e9c043fd37ef2f7

  • SHA256

    ebc646c5c80f44c47de4134cc0746ce656be4fab0430c9131ed5eb07c42a790a

  • SHA512

    8a567827ede695d3a2f51cea20f534fa27df81a1187f1ba2f02e5218eee1a46e8f438fdcc9473b99f8adee0bab8723909f5d9752a2794c5447f3bd9a20b56470

  • SSDEEP

    12288:8/Kl0Nd8070oriio7/qOB7kbc5Ime9o1is58kVGY0iKLI/DR1lIi0qAD8:6K08070Iir7T+mg7s58kVxPRbRaY

Score
7/10

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • One or more HTTP URLs in PDF identified

    Detects presence of HTTP links in PDF files.

  • Unsigned PE 3 IoCs

    Checks for missing Authenticode signature.

Files

  • c19dc5d2afdc3956e5697c49ed08cab4_JaffaCakes118
    .rar
  • DSDOS.EXE
  • DSDOS.HLP
  • DSWIN.HLP
  • DSWin.cnt
  • DSWin.exe
    .exe windows:1 windows x86 arch:x86

  • FreeDOS.bin
    .zip
  • Manual.pdf
    .pdf
    • http://partitons.tt

    • http://www.freedos.org

    • http://www.freedos.org/See

    • http://www.star-tools.com/All

  • Order.txt
  • PAD_File.xml
    .xml
  • ReadMe.txt
  • Setup.exe
    .exe windows:1 windows x86 arch:x86

  • out.upx
    .exe windows:1 windows x86 arch:x86

  • Setup.inf
  • 下载说明.htm
    .html .js polyglot