Overview

overview

6

Static

static

6

2.5/avkrxz...se.pdf

windows7-x64

3

2.5/avkrxz...se.pdf

windows10-2004-x64

3

2.5/bmxvfp...xpi.js

windows7-x64

3

2.5/bmxvfp...xpi.js

windows10-2004-x64

3

2.5/brazel...u.html

windows7-x64

3

2.5/brazel...u.html

windows10-2004-x64

2.5/btkmaz...b.html

windows7-x64

3

2.5/btkmaz...b.html

windows10-2004-x64

3

2.5/cqftxm...u.html

windows7-x64

3

2.5/cqftxm...u.html

windows10-2004-x64

3

2.5/dsymjw...j.html

windows7-x64

3

2.5/dsymjw...j.html

windows10-2004-x64

3

2.5/elbzjnfvhoez2.jar

windows7-x64

1

2.5/elbzjnfvhoez2.jar

windows10-2004-x64

1

2.5/fnduyl...z.html

windows7-x64

3

2.5/fnduyl...z.html

windows10-2004-x64

3

2.5/fqbmjm...k.html

windows7-x64

3

2.5/fqbmjm...k.html

windows10-2004-x64

1

2.5/gsytjw...ry.pdf

windows7-x64

3

2.5/gsytjw...ry.pdf

windows10-2004-x64

3

2.5/gtcpbw...ezx.js

windows7-x64

3

2.5/gtcpbw...ezx.js

windows10-2004-x64

3

2.5/hmgngq...c.html

windows7-x64

3

2.5/hmgngq...c.html

windows10-2004-x64

3

2.5/huklksimf3.js

windows7-x64

3

2.5/huklksimf3.js

windows10-2004-x64

3

2.5/itywkl...q.html

windows7-x64

3

2.5/itywkl...q.html

windows10-2004-x64

3

2.5/ivfwdo...y.html

windows7-x64

3

2.5/ivfwdo...y.html

windows10-2004-x64

3

2.5/jsdqhwevavfs.jar

windows7-x64

1

2.5/jsdqhwevavfs.jar

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    dab70acf97ed516dcc7068614f90ceb9_JaffaCakes118

  • Size

    3.0MB

  • MD5

    dab70acf97ed516dcc7068614f90ceb9

  • SHA1

    6bd77fcc6ab737a51b5970e7c6b4798bbce10f0c

  • SHA256

    cf5058188c7051f548ba43ef685ce2ba795ba034deb984b1970a23b5303959cf

  • SHA512

    595419a740366d81c324256cc13210a020b7f6374367618c652d768485cf0ec3e73012be1ca91e3982a32e4e871d4e3bdfcf8cfb2bd2d47a490411617eda1b91

  • SSDEEP

    49152:RyPjJO0rtcRrNUSIPelE7W1PrASD2OhBvnbCDQmimK72FdqdYv281GokefMUI18:RyPjJ5tCwKE7uPHD2+u0mimKCFd+w7gG

Score
6/10
pdfevasion

Malware Config

Signatures

  • Malformed or missing cross-reference table in PDF

    Malformed or missing cross-reference tables are often used to evade detection

    pdfevasion

Files

  • dab70acf97ed516dcc7068614f90ceb9_JaffaCakes118
    .zip

    Password: infected

  • 2.5/License Agreement_ENG.txt
  • 2.5/License Agreement_RU.txt
  • 2.5/ReadMe_ENG.txt
  • 2.5/ReadMe_RU.txt
  • 2.5/Technical Notes.txt
  • 2.5/Thumbs.db
  • 2.5/avkrxzcuaueoise.pdf
    .pdf
  • 2.5/blawklbsyqkv.asx
  • 2.5/bma.php
  • 2.5/bmelgrdoyu.jpg
    .jpg
  • 2.5/bmkphphoezbpyu.bin
  • 2.5/bmxvfpdmxtxmimxpi.php
    .js
  • 2.5/bqxpezxtgliqilirb7.smil
  • 2.5/brazelivjugzxu.html
    .js
  • 2.5/btkmazjqxzczb.html
    .js
  • 2.5/cqftxmdpdtxrhu.html
    .js
  • 2.5/csineqhvanysivalap.dat
  • 2.5/dr.php
  • 2.5/drjzdngqisg5.gif
    .gif
  • 2.5/drkmjrc.dat
  • 2.5/dsymjwkuhshtamj.html
  • 2.5/elbzjnfvhoez2.jar
    .jar
  • 2.5/epjmanyqducskoi.php
  • 2.5/epxwiwephretk9.php
  • 2.5/evhrcnf.php
  • 2.5/fnduylasdvdwhz.html
    .js
  • 2.5/fqbmjmazhwfvk.html
    .js
  • 2.5/gofvfqasazivb7.jpg
    .jpg
  • 2.5/gsytjwdmfqkldry.pdf
    .pdf
  • 2.5/gtcpbwbzdvcvezx.php
    .js
  • 2.5/hmgngqxoipjwc.html
    .js
  • 2.5/huklksimf3.php
    .js
  • 2.5/index.php
  • 2.5/install.php
  • 2.5/isasflgzkvkoapa.gif
    .gif
  • 2.5/itivhqcuele.php
  • 2.5/itywkleuynfpjq.html
    .js
  • 2.5/ivfwdoboavknkty.html
    .js
  • 2.5/jmclktapksazfzdoa1.ram
  • 2.5/jmdmgsevxuelywktjq.php
  • 2.5/jsdqhwevavfs.jar
    .jar
  • 2.5/kqerkrencvjrynx.jpg
    .jpg
  • 2.5/kqyscwdshniu.jar
    .jar
  • 2.5/ktdzjuiwavbtjqfr.gif
    .gif
  • 2.5/kvxlkpxpfrizas8.pdf
    .pdf
  • 2.5/kwypbmepxpfrhoi.ram
  • 2.5/new.avi
    .jar
  • 2.5/xnbsyoesclip.php
  • 2.5/xocmkmcogmhrjtx.html
    .js
  • 2.5/xpetcnenx.php
    .js
  • 2.5/xqjoaoelipdp6.html
    .js
  • 2.5/yojukldnarcphrjuau.php
  • 2.5/ypcpyrhz.jpg
    .jpg
  • 2.5/yqcwaqdzewisasdud.php
  • 2.5/yvctdtezxrd.php
  • 2.5/yzbwkuivbvbtxra.php
  • swateam.nfo