General
-
Target
24de2b71477635f2bdb96e6990ed37de9cb8848dd29210ffe8ddd1d0ec948734
-
Size
1.2MB
-
MD5
51af3b88b8d31e4eede4d66ec8ec98a1
-
SHA1
6d6de3d79122f30db977493033da635fd8c6a74b
-
SHA256
24de2b71477635f2bdb96e6990ed37de9cb8848dd29210ffe8ddd1d0ec948734
-
SHA512
e2085951dc779feebfaa9a47d3f1c9b305571236677d7e8bcf57384866e9a65205bc0ada36b40965d9398d6f523484b507b298d4c64e27a5cf7e4f74c0331251
-
SSDEEP
24576:8a7F0lTqGaE+PQU0OVAgbvDmn30+Z9sXvjwflkHSMn2gk1H6O7ssOUV:8ah0dqW+P/GMvSnZ9yvkflkytP1H6gs+
Score
4/10
Malware Config
Signatures
-
HTTP links in PDF interactive object 2 IoCs
Detects HTTP links in interactive objects within PDF files.
Files
-
24de2b71477635f2bdb96e6990ed37de9cb8848dd29210ffe8ddd1d0ec948734
-
sample
-
1411-exploits/CORE-2014-0009.txt
-
1411-exploits/CVE-2014-6352.rar
-
CVE-2014-6352.py
-
temp/[Content_Types].xml
-
temp/_rels/.rels
-
temp/docProps/app.xml
-
temp/docProps/core.xml
-
temp/docProps/thumbnail.jpeg
-
temp/ppt/_rels/presentation.xml.rels
-
temp/ppt/drawings/_rels/vmlDrawing1.vml.rels
-
temp/ppt/drawings/vmlDrawing1.vml
-
temp/ppt/media/image1.wmf
-
temp/ppt/presProps.xml
-
temp/ppt/presentation.xml
-
temp/ppt/slideLayouts/_rels/slideLayout1.xml.rels
-
temp/ppt/slideLayouts/_rels/slideLayout10.xml.rels
-
temp/ppt/slideLayouts/_rels/slideLayout11.xml.rels
-
temp/ppt/slideLayouts/_rels/slideLayout2.xml.rels
-
temp/ppt/slideLayouts/_rels/slideLayout3.xml.rels
-
temp/ppt/slideLayouts/_rels/slideLayout4.xml.rels
-
temp/ppt/slideLayouts/_rels/slideLayout5.xml.rels
-
temp/ppt/slideLayouts/_rels/slideLayout6.xml.rels
-
temp/ppt/slideLayouts/_rels/slideLayout7.xml.rels
-
temp/ppt/slideLayouts/_rels/slideLayout8.xml.rels
-
temp/ppt/slideLayouts/_rels/slideLayout9.xml.rels
-
temp/ppt/slideLayouts/slideLayout1.xml
-
temp/ppt/slideLayouts/slideLayout10.xml
-
temp/ppt/slideLayouts/slideLayout11.xml
-
temp/ppt/slideLayouts/slideLayout2.xml
-
temp/ppt/slideLayouts/slideLayout3.xml
-
temp/ppt/slideLayouts/slideLayout4.xml
-
temp/ppt/slideLayouts/slideLayout5.xml
-
temp/ppt/slideLayouts/slideLayout6.xml
-
temp/ppt/slideLayouts/slideLayout7.xml
-
temp/ppt/slideLayouts/slideLayout8.xml
-
temp/ppt/slideLayouts/slideLayout9.xml
-
temp/ppt/slideMasters/_rels/slideMaster1.xml.rels
-
temp/ppt/slideMasters/slideMaster1.xml
-
temp/ppt/slides/_rels/slide1.xml.rels
-
temp/ppt/slides/slide1.xml
-
temp/ppt/tableStyles.xml
-
temp/ppt/theme/theme1.xml
-
temp/ppt/viewProps.xml
-
1411-exploits/ExploitRemotingService-master.zip
-
ExploitRemotingService-master/.gitignore
-
ExploitRemotingService-master/ExampleRemotingService/App.config
-
ExploitRemotingService-master/ExampleRemotingService/ExampleRemotingService.csproj
-
ExploitRemotingService-master/ExampleRemotingService/Program.cs
-
ExploitRemotingService-master/ExampleRemotingService/Properties/AssemblyInfo.cs
-
ExploitRemotingService-master/ExampleRemotingService/packages.config
-
ExploitRemotingService-master/ExploitRemotingService.sln
-
ExploitRemotingService-master/ExploitRemotingService/App.config
-
ExploitRemotingService-master/ExploitRemotingService/ExploitRemotingService.csproj
-
ExploitRemotingService-master/ExploitRemotingService/FakeComObjRef.cs
-
ExploitRemotingService-master/ExploitRemotingService/FakeMessage.cs
-
ExploitRemotingService-master/ExploitRemotingService/FakeMethod.cs
-
ExploitRemotingService-master/ExploitRemotingService/FakeType.cs
-
ExploitRemotingService-master/ExploitRemotingService/Program.cs
-
ExploitRemotingService-master/ExploitRemotingService/Properties/AssemblyInfo.cs
-
ExploitRemotingService-master/ExploitRemotingService/SerializableWrapper.cs
-
ExploitRemotingService-master/ExploitRemotingService/packages.config
-
ExploitRemotingService-master/Installer/IRemoteClass.cs
-
ExploitRemotingService-master/Installer/InstallClass.cs
-
ExploitRemotingService-master/Installer/Installer.csproj
-
ExploitRemotingService-master/Installer/RemoteClass.cs
-
ExploitRemotingService-master/LICENSE
-
ExploitRemotingService-master/README.md
-
1411-exploits/KIS-2014-13.txt
-
1411-exploits/KL-001-2014-004.txt
-
1411-exploits/SA-20141106-0.txt
-
1411-exploits/STIC-2014-0426.txt
-
1411-exploits/VL-1048.txt
-
1411-exploits/VL-1347.txt
-
1411-exploits/VL-1351.txt
-
1411-exploits/VL-1353.txt
-
1411-exploits/VL-936.txt
-
1411-exploits/ZSL-2014-5204.tgz
-
ZSL-2014-5204.tgz
-
coreldraw_obo.txt
-
zsl_5204.rar
-
crash.cdr
-
color/color.xml
-
color/docPalette.xml
-
color/profiles/rgb/srgb color space profile.icm
-
content/riffData.cdr
-
links.xml
-
metadata/metadata.xml
-
metadata/textinfo.xml
-
metadata/thumbnails/page1.bmp
-
metadata/thumbnails/thumbnail.bmp
-
orig.cdr
-
color/color.xml
-
color/docPalette.xml
-
color/profiles/rgb/srgb color space profile.icm
-
content/riffData.cdr
-
links.xml
-
metadata/metadata.xml
-
metadata/textinfo.xml
-
metadata/thumbnails/page1.bmp
-
metadata/thumbnails/thumbnail.bmp
-
1411-exploits/ZSL-2014-5205.txt
-
1411-exploits/ZSL-2014-5206.txt
-
1411-exploits/ZSL-2014-5207.txt
-
1411-exploits/ZSL-2014-5208.txt
-
1411-exploits/ZSL-2014-5209.txt
-
1411-exploits/ZSL-2014-5210.txt
-
1411-exploits/ZSL-2014-5211.tgz
-
1411-exploits/ahrareandeysheh-xss.txt
-
1411-exploits/anchorcms-inject.txt
-
1411-exploits/android-appleak.txt
-
1411-exploits/android-escalate.txt
-
1411-exploits/android-smsresend.txt
-
1411-exploits/androidwappushmanager-sql.txt
-
1411-exploits/apadanacms-sql.txt
-
1411-exploits/atlasaeon-xss.txt
-
1411-exploits/booking-redirect.txt
-
1411-exploits/cchwolters-escalate.txt
-
1411-exploits/citrix_netscaler_soap_bof.rb.txt
-
1411-exploits/cnilcookieviz-sqlxss.txt
-
1411-exploits/device42-creds.txt
-
1411-exploits/device42_ping_exec.rb.txt
-
1411-exploits/device42_tracert_exec.rb.txt
-
1411-exploits/digionline-shell.txt
-
1411-exploits/dlinkdap1360-xsrf.txt
-
1411-exploits/dlinkdap1360-xssxsrf.txt
-
1411-exploits/dlinkdcs2103-traversal.txt
-
1411-exploits/dolibarrerpcrm-sql.txt
-
1411-exploits/drupalvideowhisper-xss.txt
-
1411-exploits/eleanorcms-redirect.txt
-
1411-exploits/ellislab-sql.txt
-
1411-exploits/esotalkcms-xss.txt
-
1411-exploits/exploiting_sudo_grace_period.pdf
-
1411-exploits/fasthealth-redirect.txt
-
1411-exploits/flatnuke31x-xss.txt
-
1411-exploits/fluxbb-sql.txt
-
1411-exploits/formalms-xss.txt
-
1411-exploits/glance-escalate.txt
-
1411-exploits/glibc-libmemusage-1x-2x.sh.txt
-
1411-exploits/glibc-libpcprofile-1x-2x.sh.txt
-
1411-exploits/gogs-xss.txt
-
1411-exploits/gogslabel-sql.txt
-
1411-exploits/gogsrepo-sql.txt
-
1411-exploits/googledoubleclick-redirect.txt
-
1411-exploits/helpdezk-upload.txt
-
1411-exploits/hikvision_rtsp_bof.rb.txt
-
1411-exploits/ie8ms14035-useafterfree.txt
-
1411-exploits/ieolepreie11-exec.txt
-
1411-exploits/iftp-overflow.txt
-
1411-exploits/ihex-poc.txt
-
1411-exploits/image-poc.txt
-
1411-exploits/indiatimes-xss.txt
-
1411-exploits/ioslaves-validation.txt
-
1411-exploits/ipboard347-sql.txt
-
1411-exploits/jexperts-escalate.txt
-
1411-exploits/jexperts-xss.txt
-
1411-exploits/joomlaeventbooking-xss.txt
-
1411-exploits/joomlahdflv-download.txt
-
1411-exploits/joomlahdflv-sql.txt
-
1411-exploits/joomlasef-xss.txt
-
1411-exploits/kmplayer391130-dos.txt
-
1411-exploits/koschtit-xss.txt
-
1411-exploits/lantronix-exec.txt
-
1411-exploits/maarchletterbox-sqlbypass.txt
-
1411-exploits/manageengineea-disclose.txt
-
1411-exploits/mantisbt_php_exec.rb.txt
-
1411-exploits/meomsitpit360-sqlexecupload.txt
-
1411-exploits/minix-dos.tgz
-
1411-exploits/minix_inet_dos.c
-
1411-exploits/mit-redirect.txt
-
1411-exploits/monstra-bypass.txt
-
1411-exploits/monstra-hrs.txt
-
1411-exploits/mousemediascript160-xss.txt
-
1411-exploits/mozillafirefox36-useafterfree.txt
-
1411-exploits/ms14_064_ie_olerce.rb.txt
-
1411-exploits/ms14_064_ole_code_execution.rb.txt
-
1411-exploits/ms14_064_packager_python.rb.txt
-
1411-exploits/ms14_064_packager_run_as_admin.rb.txt
-
1411-exploits/msiis75-xss.txt
-
1411-exploits/mybb-bypassexec.txt
-
1411-exploits/mybb181-sqlxss.txt
-
1411-exploits/nibbleblog-xss.txt
-
1411-exploits/openkm-xss.txt
-
1411-exploits/openxchange-sql.txt
-
1411-exploits/ossec-escalate.txt
-
1411-exploits/paidmembershipspro-traversal.txt
-
1411-exploits/pandora_fms_sqli.rb.txt
-
1411-exploits/pandorafms51-xss.txt
-
1411-exploits/parsadevcms-xss.txt
-
1411-exploits/php-5x-bash-shellshock.txt
-
1411-exploits/phpbbderegglobal-bypass.txt
-
1411-exploits/phpfoxadmin-xss.txt
-
1411-exploits/phpfusion70207-sql.txt
-
1411-exploits/phpparselocale-doublefree.tgz
-
1411-exploits/phpsoundmsp-xss.txt
-
1411-exploits/piwigo260-sql.txt
-
1411-exploits/planetsourcecode-sqlxssshell.txt
-
1411-exploits/pmp-sql.txt
-
1411-exploits/progressopenedge-traversal.txt
-
1411-exploits/proticaret-sql.txt
-
1411-exploits/pwn.c
-
1411-exploits/robotstats-sql.txt
-
1411-exploits/robotstats-xss.txt
-
1411-exploits/safari8-dos.txt
-
1411-exploits/samsung_knox_smdm_url.rb.txt
-
1411-exploits/scmp-xss.txt
-
1411-exploits/secuid0.advisory.CVE-2014-8727.txt
-
1411-exploits/sliderrevshowbiz-shell.txt
-
1411-exploits/sniffit-escalate.txt
-
1411-exploits/softing-backdoor.txt
-
1411-exploits/softing-xss.txt
-
1411-exploits/springsharelibcal-xss.txt
-
1411-exploits/tcpdump-output.txt
-
1411-exploits/tcpdumpgeonet-dos.txt
-
1411-exploits/tcpdumposlr-dos.txt
-
1411-exploits/tinyserver119-disclose.txt
-
1411-exploits/vbulletin421-redirect.txt
-
1411-exploits/videostube-sqlxssshell.txt
-
1411-exploits/visual_mining_netcharts_upload.rb.txt
-
1411-exploits/weatherchannel-xss.txt
-
1411-exploits/websitebaker283-sqlxss.txt
-
1411-exploits/whoswho-xsrf.txt
-
1411-exploits/wp40-dos.txt
-
1411-exploits/wpadmanager-redirect.txt
-
1411-exploits/wpawpclassifieds-sqlxss.txt
-
1411-exploits/wpbulletproofsecurity-ssrfxsssql.txt
-
1411-exploits/wpcleansimple-xss.txt
-
1411-exploits/wpcmdownloadmanager-exec.txt
-
1411-exploits/wpdbbackup-bruteforce.txt
-
1411-exploits/wphtml5mp3-disclosure.txt
-
1411-exploits/wpsexysqueeze-xss.txt
-
1411-exploits/wpspclientdocumentmanager-sql.txt
-
1411-exploits/wpsupportezzy-xss.txt
-
1411-exploits/wpwpdatatables-shell.txt
-
1411-exploits/wpwpdatatables-sql.txt
-
1411-exploits/x3cms-xsrfxss.txt
-
1411-exploits/x7chat2_php_exec.rb.txt
-
1411-exploits/xcloner-execdisclosebypass.txt
-
1411-exploits/xepan-xsrf.txt
-
1411-exploits/xoops256-sql.txt
-
1411-exploits/zoph-sqlxss.txt
-
1411-exploits/zte831cii-xsrfxsshardcoded.txt
-
1411-exploits/ztezxdsi-insecure.txt
-
1411-exploits/ztezxdsl831-xss.txt
-
1411-exploits/ztezxhnh108l-bypass.txt
-
1411-exploits/zxdsl831cii-xsrf.txt