General
Target

e0d7fadbfdc8eaad4071e6d99698f460f9eae7ddd1b27e2d21028dbd10fa0d5a

Filesize

1MB

Completed

21-05-2022 11:11

Task

static1

Score

3/10

MD5

c53186df717d8037ff5edb0fc9736dda

SHA1

510cf2f79270303ca5a18474ca541d0ecb20c599

SHA256

e0d7fadbfdc8eaad4071e6d99698f460f9eae7ddd1b27e2d21028dbd10fa0d5a

SHA512

4a3b8fd9d1fe648373b1f3b90e53b726c62da083feb6e70345dcd8386c04b77e85a12367e74278467e092e4a5b30f9c8c5f7174f7a83de72d951db36b763eb10

Malware Config
Signatures 1

  • One or more HTTP URLs in PDF identified

    Description

    Detects presence of HTTP links in PDF files.

Files

  • e0d7fadbfdc8eaad4071e6d99698f460f9eae7ddd1b27e2d21028dbd10fa0d5a Extensions .pdf

    https://twitter.com/kindredsec

    https://github.com/itsKindred/malware-analysis-writeups/tree/master/bashar-bachir-chain/helperScripts/extractNodExes.py

    https://www.virustotal.com/gui/file/dda9f301fefb543235cd29166dd7bf306e2d52fa6126c887f12c1f4a2c8a3fb0/detection

    https://github.com/yck1509/ConfuserEx

    https://docs.microsoft.com/en-us/dotnet/api/system.reflection.assembly.createinstance?view=netframework-4.8

    https://www.youtube.com/watch?v=OqhGU1s6kVk

    https://github.com/itsKindred/malware-analysis-writeups/tree/master/bashar-bachir-chain/files/downloader.ps1

    https://github.com/itsKindred/malware-analysis-writeups/tree/master/bashar-bachir-chain/files/nod.ps1

    https://github.com/itsKindred/malware-analysis-writeups/tree/master/bashar-bachir-chain/files/avastt.ps1