6_offer_18.exe

evad3rs evasi0n

evad3rs

This is a setup program which is used to install the application. The file has been seen being downloaded from download.jailbreakhost.com and multiple other hosts.
Publisher:
evad3rs

Product:
evad3rs evasi0n

Description:
evasi0n iOS 6.x untethered jailbreak

Version:
1.0.0

MD5:
3ea5b5ff709eb56d89295cb1a90dac43

SHA-1:
a49e7cf1059cf3da69b3033cf6b48f65ce50f7f7

SHA-256:
2cbef0238687e2cad19a1602cbbc37214d05d6c2b4293e3c9ebbd03e15616cbf

Scanner detections:
4 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
12/25/2024 5:24:47 AM UTC  (today)

Scan engine
Detection
Engine version

Clam AntiVirus
Win.Exploit.Iosjailbreak
0.98/18355

McAfee
Artemis!3EA5B5FF709E
5600.7272

Sophos
JailBreak - Greenpois0n
4.96

ViRobot
Backdoor.Win32.A.Hupigon.12943872
2011.4.7.4223

File size:
12.3 MB (12,943,872 bytes)

Product version:
1.0.0

Copyright:
© 2013 @evad3rs. All rights reserved.

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\6_offer_18.exe

File PE Metadata
Compilation timestamp:
3/12/2013 3:48:59 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
2.23

CTPH (ssdeep):
196608:mmnl+L+Ul1cxB0w+J5pakYp24x2dZXp62Rw1RKQ63Dcfam02F3JJa9kMiNUVn0Om:mmudWZ/KLcym02F3Jwzo8nUH

Entry address:
0x12A0

Entry point:
83, EC, 1C, C7, 04, 24, 02, 00, 00, 00, FF, 15, 6C, 57, 70, 00, E8, 4B, FD, FF, FF, 8D, 74, 26, 00, 8D, BC, 27, 00, 00, 00, 00, A1, E0, 57, 70, 00, FF, E0, 89, F6, 8D, BC, 27, 00, 00, 00, 00, A1, B4, 57, 70, 00, FF, E0, 90, 90, 90, 90, 90, 90, 90, 90, 90, 55, 89, E5, 83, EC, 18, C7, 04, 24, 00, E0, 5F, 00, E8, 12, 00, 1A, 00, 52, 85, C0, 74, 65, C7, 44, 24, 04, 13, E0, 5F, 00, 89, 04, 24, E8, 05, 00, 1A, 00, 83, EC, 08, 85, C0, 74, 11, C7, 44, 24, 04, 08, 60, 6F, 00, C7, 04, 24, B8, C0, 6C, 00, FF, D0, 8B...
 
[+]

Code size:
1.9 MB (2,040,832 bytes)

The file 6_offer_18.exe has been seen being distributed by the following 17 URLs.

http://download.jailbreakhost.com/cid/2013792698.1391477012/download/evasi0n.jailbreakhost.com/.../Evasi0n_Setup.exe

http://download.jailbreakhost.com/cid/785092910.1394870981/download/evasi0n.jailbreakhost.com/.../Evasi0n_Setup.exe

http://download.jailbreakhost.com/cid/1166508840.1390337444/download/evasi0n.jailbreakhost.com/.../Evasi0n_Setup.exe

Scan 6_offer_18.exe - Powered by Reason Core Security