AA21-077A-Detecting_Post-Compromise_Threat_Activity_Using_CHIRP_508[.]pdf | Triage

Submit
Reports

Overview

overview

3

Static

static

3

AA21-077A-...08.pdf

windows7_x64

1

AA21-077A-...08.pdf

windows10_x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

AA21-077A-Detecting_Post-Compromise_Threat_Activity_Using_CHIRP_508.pdf

Resource

win7-en-20211014

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

AA21-077A-Detecting_Post-Compromise_Threat_Activity_Using_CHIRP_508.pdf

Resource

win10-en-20211104

windows10_x64

0 signatures

0 seconds

General

Target

AA21-077A-Detecting_Post-Compromise_Threat_Activity_Using_CHIRP_508.pdf
Size

243KB
MD5

d45b2bcb634e2d0cf063c082889bbebc
SHA1

fe368a8a74a298d0cfb86ec16955dfa53aa8a664
SHA256

534263edccea45c6f46aaa418554bf6d2815358d281718a03decfef960032687
SHA512

4944795cb354c10ac0c0244f55b4cbbdd1ac67e58de854fbdf65c119eb4ea23e27424ff849b165aadcd9f1ceab5d8959c71436c6aaed7353a207c271c916a53c

Score

3^/10

pdf link

Malware Config

Signatures

One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
pdf link

Files

AA21-077A-Detecting_Post-Compromise_Threat_Activity_Using_CHIRP_508.pdf
.pdf
- https://github.com/cisagov/CHIRP
- https://us-cert.cisa.gov/report
- https://us-cert.cisa.gov/ncas/analysis-reports/ar21-039b
- https://us-cert.cisa.gov/ncas/alerts/aa21-008a
- https://us-cert.cisa.gov/ncas/alerts/aa20-352a
- https://github.com/cisagov
- https://github.com/cisagov/Sparrow

© 2018-2024

Terms | Privacy