Overview

overview

6

Static

static

6

rules/emer...fo.pdf

windows7-x64

1

rules/emer...fo.pdf

windows10-2004-x64

1

rules/emer...ent.js

windows7-x64

1

rules/emer...ent.js

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    9786ff5a900b445616d5bb6af9791bfe-emerging.rules.tar.gz

  • Size

    3.9MB

  • MD5

    935e15f8db9ca9a9c73deee507fe607b

  • SHA1

    01c98bf73a2ca87f90b76c3ec27354081a51e82f

  • SHA256

    254a880aff3ed575bc1acdc3996b7f32387db99f984fe8ccdcba74ed5994d749

  • SHA512

    eaaa98e0436027bbbe26351a91a4a6152230e9d9d93484590c9dc565859c484b1090888991ec98b420ebad949cf5a19384a625507fab2dc045219438581b26a9

  • SSDEEP

    98304:vlKh31LGbsiSCLvyXAXzFtvE2JHnWaql9cGTYJ1lf:UhaaaqX8o2Ya69cv1

Score
6/10
pdfevasion

Malware Config

Signatures

  • Malformed or missing cross-reference table in PDF

    Malformed or missing cross-reference tables are often used to evade detection

    pdfevasion

Files

  • 9786ff5a900b445616d5bb6af9791bfe-emerging.rules.tar.gz
    .gz
  • emerging.rules.tar
    .tar
  • rules/3coresec.rules
  • rules/BSD-License.txt
  • rules/LICENSE
  • rules/botcc.portgrouped.rules
  • rules/botcc.rules
  • rules/ciarmy.rules
  • rules/classification.config
  • rules/compromised-ips.txt
  • rules/compromised.rules
  • rules/drop.rules
  • rules/dshield.rules
  • rules/emerging-activex.rules
  • rules/emerging-adware_pup.rules
  • rules/emerging-attack_response.rules
  • rules/emerging-chat.rules
  • rules/emerging-coinminer.rules
  • rules/emerging-current_events.rules
    .pdf .jnlp
  • rules/emerging-deleted.rules
  • rules/emerging-dns.rules
  • rules/emerging-dos.rules
  • rules/emerging-exploit.rules
  • rules/emerging-exploit_kit.rules
    .jnlp .js
  • rules/emerging-ftp.rules
  • rules/emerging-games.rules
  • rules/emerging-hunting.rules
  • rules/emerging-icmp.rules
  • rules/emerging-icmp_info.rules
  • rules/emerging-imap.rules
  • rules/emerging-inappropriate.rules
  • rules/emerging-info.rules
    .pdf
  • rules/emerging-ja3.rules
  • rules/emerging-malware.rules
  • rules/emerging-misc.rules
  • rules/emerging-mobile_malware.rules
  • rules/emerging-netbios.rules
  • rules/emerging-p2p.rules
  • rules/emerging-phishing.rules
  • rules/emerging-policy.rules
  • rules/emerging-pop3.rules
  • rules/emerging-rpc.rules
  • rules/emerging-scada.rules
  • rules/emerging-scan.rules
  • rules/emerging-shellcode.rules
  • rules/emerging-smtp.rules
  • rules/emerging-snmp.rules
  • rules/emerging-sql.rules
  • rules/emerging-telnet.rules
  • rules/emerging-tftp.rules
  • rules/emerging-user_agents.rules
  • rules/emerging-voip.rules
  • rules/emerging-web_client.rules
    .js
  • rules/emerging-web_server.rules
  • rules/emerging-web_specific_apps.rules
  • rules/emerging-worm.rules
  • rules/gpl-2.0.txt
  • rules/sid-msg.map
  • rules/threatview_CS_c2.rules
  • rules/tor.rules