Favorites
Tools
Dr.Zero Chatbot
Notifications
Guide 2020-06-10
Version history 2020-06-10

latestReport
09.20 01:09
setup.exe
09.20 11:09
3uTools.exe
09.20 11:09
66ecb4573225b_vsbhfdg1...
09.20 10:09
66ecb452ba19c_sfbdsgfd...
09.20 10:09
66ecb44c35444_vfdhsgdf...
09.20 10:09
66ec0e61998bf_setup30.exe
09.20 10:09
66ebf725efe38_lyla.exe
09.20 10:09
Desktop_Explorer.exe
09.20 10:09
66ec3528901bb_winupdat...
09.20 10:09
Inquiry-Dubai.js

Latest News
09.20 03:09
스타일러스·따뜻한동행, 장애인 위한 '동...
09.20 03:09
[PASCON 2024-영상] 굿모닝아이...
09.20 03:09
Critical Ivanti Cloud ...
09.20 03:09
SOOSAN INT Product Sec...
09.20 02:09
Inside a Portable Sate...
09.20 02:09
리튬포어스, 카카오프렌즈 ‘휴대용 미니 ...
09.20 02:09
제이피에스코스메틱 선형훈 대표이사, 산업...
09.20 02:09
Fence Agents Remediati...
09.20 01:09
재능넷, AI 기반 시각화 전문 지식 서...
09.20 01:09
[PASCON 2024-영상] 카스퍼스키...

Summary | ZeroBOX

zupiwor.pdf

PDF Suspicious Link PDF

Category	Machine	Started	Completed
FILE	s1_win7_x6402	July 9, 2021, 10:36 a.m.	July 9, 2021, 10:38 a.m.

Size	69.1KB
Type	PDF document, version 1.4
MD5	`cc4ad8222b80e535506785ae1b6b6c30`
SHA256	`7f257f9b0d3cdf6a5d0b889270712d09946ee80262946cc41df713049724adf6`
CRC32	`5F253C7B`
ssdeep	`1536:G8I24vLvrEX4iKRORAkMcz12xQNC0g0MRU3Ds5:xI24zrEXbK4RvMxxvxAC`
Yara	PDF_Suspicious_Link_Z - PDF Suspicious Link PDF_Format_Z - PDF Format

AcroRd32.exe "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" C:\Users\test22\AppData\Local\Temp\zupiwor.pdf
2420

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Allocates read-write-execute memory (usually to unpack itself) (1 event)

Time & API	Arguments	Status	Return	Repeated
NtProtectVirtualMemory July 9, 2021, 10:36 a.m.	process_identifier: 2420 stack_dep_bypass: 0 stack_pivoted: 0 heap_dep_bypass: 0 length: 4096 protection: 64 (PAGE_EXECUTE_READWRITE) base_address: 0x71623000 process_handle: 0xffffffff	1	0	0