General
-
Target
2021-09-10-traffic-analysis-exercise-answers.pdf.zip
-
Size
57KB
-
MD5
71085f1f917abab70cb35a8569618d47
-
SHA1
d64b325f077f6b9f1b41dcb3ec49efc59cad0085
-
SHA256
8a958e8d20554b1a5677166fa26d2236a371ac239ec081db8cfb68c760d206dc
-
SHA512
3ad1d9a9238f6393242574af74a6d70ea1a57e8aa47031be29cabd5ae15a96fbe91b664c244dbbb3c36002f0eb92631352496f98d8f787d1495558f8f640aa9a
-
SSDEEP
1536:cSUYzwdowwCJsPOAEdaFQg1xP70eb4KgEJ+4hlDFaW:cSU0wdPkjEsh1xD0eb4ZEJt5J
Malware Config
Signatures
-
HTTP links in PDF interactive object 1 IoCs
Detects HTTP links in interactive objects within PDF files.
resource yara_rule static1/unpack001/2021-09-10-traffic-analysis-exercise-answers.pdf pdf_with_link_action
Files
-
2021-09-10-traffic-analysis-exercise-answers.pdf.zip.zip
Password: infected
-
2021-09-10-traffic-analysis-exercise-answers.pdf.pdf
-
https://www.malware-traffic-analysis.net/2021/09/10/index.html
-
https://unit42.paloaltonetworks.com/unit42-customizing-wireshark-changing-column-display/
-
https://unit42.paloaltonetworks.com/using-wireshark-identifying-hosts-and-users/
-
https://unit42.paloaltonetworks.com/using-wireshark-display-filter-expressions/
-
https://unit42.paloaltonetworks.com/using-wireshark-exporting-objects-from-a-pcap/
-
https://tria.ge/211004-vc7nsaggej
-
http://angrypoutine.com
-
http://simpsonsavingss.com
-
http://Tria.ge
-
http://any.run
-
https://app.any.run/tasks/66e29996-8ad2-4d3e-b6a2-c74306b5ef3b/