General

  • Target

    Scripts.zip

  • Size

    430KB

  • MD5

    f0d1fd5b8ef4ac607c2af2ffa289a930

  • SHA1

    6b45a5b45d5f93f91c055e16250d372fc419447a

  • SHA256

    814f836df0b9350218ed54bf1b003d61abf825debf0009c45d0a8d11f8e8ecf3

  • SHA512

    da67507893310a77dbe8cb2ef66c825964c27d2538e7ecb5185bfa3fe459f9b69c6ac17ea44c5747f299e647e8eec6954e0db4a942806dbbec77bf7ffc1a8521

  • SSDEEP

    12288:mciFQTPmAmEKx/ItWdK3WwTHj6e7lIVRTkolGN:LiFQTeAWmWwL7lIVPlGN

Score
5/10

Malware Config

Signatures

  • Malformed data in PDF

    A PDF can contain malformed data to evade detection

  • One or more HTTP URLs in PDF identified

    Detects presence of HTTP links in PDF files.

Files

  • Scripts.zip
    .zip
  • Unix/KPMG-Audit_UNIX Script.txt
    .sh linux
  • Unix/KPMG-UNIX Discovery Documentation.pdf
    .pdf
    • http://KPMG-Audit_UNIX_v1.6-remote.sh

    • http://KPMG-Audit_UNIX_v1.6.sh

    • http://remoteScript.sh

  • VmWare/VM Script Manual.pdf
    .pdf
    • http://Vmware.5.19.ps

    • http://communities.vmware.com/community/vmtn/server/vsphere/automationtools/powercli

    • http://communities.vmware.com/community/vmtn/server/vsphere/automationtools/powercli�

    • http://support.microsoft.com/kb/968929

    • http://support.microsoft.com/kb/968929�

    • http://vmware.5.23.ps

  • VmWare/vmware.txt
    .ps1
  • Windows/checksrv/Software Inventory Script.pdf
    .pdf
  • Windows/checksrv/checksrv.txt
    .vbs
  • Windows/cpucount/Cpucount remote.txt
    .vbs
  • Windows/cpucount/RunInventory.txt
    .vbs
  • Windows/cpucount/cpucount.pdf
    .pdf
    • http://kpmg.dk

    • http://softwarecommunity.intel.com/articles/eng/2728.htm