ScreenShot
| Created | 2021.08.23 11:56 | Machine | s1_win7_x6402 |
| Filename | vunateduremar.pdf | ||
| Type | PDF document, version 1.4 | ||
| AI Score | Not founds | Behavior Score |
|
| ZERO API | file : mailcious | ||
| VT API (file) | |||
| md5 | 72950325644838b18c5d4e86d4dbda1d | ||
| sha256 | b2a6385c3f4b161aeaa731ea60d419bf75a0ff098dd397ecd6f0c2c1431a691c | ||
| ssdeep | 1536:JgjkMa5f6b1nelXHa2n15LhJhcrgdYBY+VaIV6pDYgUbKZau4Vy:cvb1elXHxBorAYBY+UI4pDYgUG0un | ||
| imphash | |||
| impfuzzy | |||
Network IP location
Signature (3cnts)
| Level | Description |
|---|---|
| watch | One or more non-whitelisted processes were created |
| notice | Allocates read-write-execute memory (usually to unpack itself) |
| notice | Uses Windows utilities for basic Windows functionality |
Rules (2cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| warning | PDF_Suspicious_Link_Z | PDF Suspicious Link | binaries (upload) |
| notice | PDF_Format_Z | PDF Format | binaries (upload) |
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|