Overview

overview

6

Static

static

6

rules/emer...ts.pdf

windows7-x64

1

rules/emer...ts.pdf

windows10-2004-x64

1

rules/emer...it.pdf

windows7-x64

1

rules/emer...it.pdf

windows10-2004-x64

1

rules/emer....rules

windows7-x64

3

rules/emer....rules

windows10-2004-x64

3

rules/emer...fo.pdf

windows7-x64

1

rules/emer...fo.pdf

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    emerging.rules.zip

  • Size

    3.8MB

  • MD5

    3f022b94083b55352d2ca9a719c4f95a

  • SHA1

    02f22d84372c7041b08fb227f54f7fa09a44e9ec

  • SHA256

    c66517f7a272bf7750a70bcf3ba31265dae476c5a5b16e12567d3bf48fd13c88

  • SHA512

    f3f263bbf32f5d600a01827acf9bc7c8dff83821da4b560e2ba26fc783736e076e1c22a2bc1be1862c254da49a7e86e97e03b4ed4ff54ee542a91dbffd822260

  • SSDEEP

    98304:nKnfkRbh2nALn0kvIrsqu9dT+owX/bP/Nam:KnfkWA71vIGLT+fNam

Score
6/10
pdfevasion

Malware Config

Signatures

  • Malformed or missing cross-reference table in PDF

    Malformed or missing cross-reference tables are often used to evade detection

    pdfevasion

Files

  • emerging.rules.zip
    .zip
  • rules/3coresec.rules
  • rules/BSD-License.txt
  • rules/LICENSE
  • rules/botcc.portgrouped.rules
  • rules/botcc.rules
  • rules/ciarmy.rules
  • rules/classification.config
  • rules/compromised-ips.txt
  • rules/compromised.rules
  • rules/drop.rules
  • rules/dshield.rules
  • rules/emerging-activex.rules
  • rules/emerging-adware_pup.rules
  • rules/emerging-attack_response.rules
  • rules/emerging-chat.rules
  • rules/emerging-coinminer.rules
  • rules/emerging-current_events.rules
    .pdf .jnlp
  • rules/emerging-deleted.rules
  • rules/emerging-dns.rules
  • rules/emerging-dos.rules
  • rules/emerging-exploit.rules
  • rules/emerging-exploit_kit.rules
    .pdf .jnlp .js
  • rules/emerging-ftp.rules
  • rules/emerging-games.rules
  • rules/emerging-hunting.rules
  • rules/emerging-icmp.rules
  • rules/emerging-icmp_info.rules
  • rules/emerging-imap.rules
  • rules/emerging-inappropriate.rules
  • rules/emerging-info.rules
    .pdf
  • rules/emerging-ja3.rules
  • rules/emerging-malware.rules
  • rules/emerging-misc.rules
  • rules/emerging-mobile_malware.rules
  • rules/emerging-netbios.rules
  • rules/emerging-p2p.rules
  • rules/emerging-phishing.rules
  • rules/emerging-policy.rules
  • rules/emerging-pop3.rules
  • rules/emerging-rpc.rules
  • rules/emerging-scada.rules
  • rules/emerging-scan.rules
  • rules/emerging-shellcode.rules
  • rules/emerging-smtp.rules
  • rules/emerging-snmp.rules
  • rules/emerging-sql.rules
  • rules/emerging-telnet.rules
  • rules/emerging-tftp.rules
  • rules/emerging-user_agents.rules
  • rules/emerging-voip.rules
  • rules/emerging-web_client.rules
    .js
  • rules/emerging-web_server.rules
  • rules/emerging-web_specific_apps.rules
  • rules/emerging-worm.rules
  • rules/gpl-2.0.txt
  • rules/sid-msg.map
  • rules/threatview_CS_c2.rules
  • rules/tor.rules