Email_Forensics_kvavvas-mpksa20005[.]pdf

Sharing

Copy URL

Twitter E-mail

General

Target

Email_Forensics_kvavvas-mpksa20005.pdf
Size

433KB
MD5

41b42f69367f9cded4bd112e20b6f8bd
SHA1

7145249e88b61e2d05ab7c78f0398fdca89fda4f
SHA256

d36a666150469666d9faf232bcca4ee95c8a0752497f84fd76c443ec082127ba
SHA512

afe326ade543ceaf9819d47fd49f1b1e9616ed59b27c0e657d88457f623fa2ee88d42cbde53c1d68182fead45f4f1601f5031e830da4287a571052d1ff5cdf57
SSDEEP

12288:BF+Ir8MWzRKqLc2RtAGWXwxaGSKUpkO/zett:BF+ITWFxRbY7pkO/z0

Score

4^/10

pdf link

Malware Config

Signatures

HTTP links in PDF interactive object 1 IoCs
Detects HTTP links in interactive objects within PDF files.
pdf link

Processes:

resource yara_rule

sample pdf_with_link_action
One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
pdf link

resource	yara_rule
sample	pdf_with_link_action

Files

Email_Forensics_kvavvas-mpksa20005.pdf
.pdf
- https://tools.ietf.org/html/rfc561
- https://el.wikipedia.org/wiki/%CE%94%CE%B9%CE%B1%CE%B4%CE%AF%CE%BA%CF%84%CF%85%CE%BF
- https://el.wikipedia.org/wiki/%CE%A0%CF%81%CE%BF%CF%83%CF%89%CF%80%CE%B9%CE%BA%CE%AC_%CE%B4%CE%B5%CE%B4%CE%BF%CE%BC%CE%AD%CE%BD%CE%B1
- https://el.wikipedia.org/wiki/%CE%A3%CE%BA%CE%BB%CE%B7%CF%81%CF%8C%CF%82_%CE%B4%CE%AF%CF%83%CE%BA%CE%BF%CF%82
- https://el.wikipedia.org/wiki/Server
- https://datatracker.ietf.org/doc/html/rfc2049
- https://www.metaspike.com/leveraging-dkim-email-forensics/
- https://datatracker.ietf.org/doc/html/rfc7489
- https://www.vadesecure.com/en/blog/phishers-favorites-top-25-h1-2021-worldwide-edition
- https://packagecontrol.io/packages/Email%20Header
- https://mxtoolbox.com/EmailHeaders.aspx
- https://centralops.net/co/EmailDossier.aspx
- https://www.mitec.cz/mailview.html
- https://www.ostpstviewer.com/
- http://www.emailtrackerpro.com/
- http://icyberchef.com/
- https://dmarc.org/
- https://www.iana.org/assignments/message-headers/message-headers.xhtml
- https://posts.bluraven.io/threat-hunting-and-detection-with-email-logs-4b1e37f5d035
- https://forensicswiki.xyz/page/Main_Page
- https://www.virustotal.com/gui/home/upload
- https://www.youtube.com/watch?v=nK5QpGSBR8c
- https://www.youtube.com/watch?v=IOGKjxy0Sww
- https://www.clamav.net/
- https://tools.ietf.org/html/rfc561en-US
- http://futurepipe.com
- http://pps.pr
- https://datatracker.ietf.org/doc/html/rfc2049en-US
- http://KL1PR0201MB2117.apcprd02.prod.outlook.com
- http://HK2PR0201MB2115.apcprd02.prod.outlook.com
- http://SG2PR02CA0016.apcprd02.prod.outlook.com
- http://HK2APC01FT050.eop-APC01.prod.protection.outlook.com
- http://SG2PR02CA0016.outlook.office365.com
- http://HK2APC01FT050.mail.protection.outlook.com
- http://m0001332.ppops.net
- http://pernod-ricard.com
- http://server.netcomm-experts.com
- http://ded3852.inmotionhosting.com
- http://mx0b-0012cd01.pphosted.com
- http://pernoden-US-ricard.com
- http://protection.outlook.com
- http://futurepipeen-US.com
- http://instituutheidi.be
- http://apcprd02.prod.outlook.com
- https://www.vadesecure.com/en/blog/phishers-favorites-top-25-h1-2021-worldwide-editionen-US
- https://packagecontrol.io/packages/Email%20Headeren-US
- https://mxtoolbox.com/EmailHeaders.aspxen-US
- https://www.ostpstviewer.com/en-US
- http://www.emailtrackerpro.com/en-US
- http://icyberchef.com/en-US
- https://www.metaspike.com/leveraging-dkim-email-forensics/en-US
- https://dmarc.org/en-US
- https://www.iana.org/assignments/message-headers/message-headers.xhtmlen-US
- https://posts.bluraven.io/threat-hunting-and-detection-with-email-logs-4b1e37f5d035en-US
- https://forensicswiki.xyz/page/Main_Pageen-US
- https://www.virustotal.com/gui/home/uploaden-US
- https://www.youtube.com/watch?v=nK5QpGSBR8cen-US
- https://www.youtube.com/watch?v=IOGKjxy0Swwen-US
- https://www.clamav.net/en-US
- Show all