General

  • Target

    13031598881.zip

  • Size

    1.4MB

  • MD5

    7fe167945a97ce8bb69a4ef69a6b12a1

  • SHA1

    6f3ecf880a7bd3a4358aa0bc4673349b8e77801a

  • SHA256

    5a25cec5efa849f8bab0d75de0e860bd576599cf3f3ed89cc6e847e2f19603d3

  • SHA512

    a97c05bd31d56f14e265dfb49aba3ba8cebd0cb5c0f3fe77b4c9cddfa095e41eabbb75805a120221326b10cc3473fd228a40f1268fdf758ccdd6494957f60f14

  • SSDEEP

    24576:4IUKXzAn58Z8qMYHLMC3oEtRezEOvqPclw3gwr94wEvdM:nBXMnqZR/3hWzp1Cx+v2

Score
4/10

Malware Config

Signatures

  • HTTP links in PDF interactive object (1 IoC)

    Detects HTTP links in interactive objects within PDF files.

  • One or more HTTP URLs in PDF identified

    Detects presence of HTTP links in PDF files.

Files

  • 13031598881.zip
    .zip

    Password: f11

  • 15ce1e97b8d8ecf3592358624ba81c29163860390d50bd6196e7f911bcc93902
    .zip

    Password: f11

  • Windows-11-v22H2-Security-Baseline/Documentation/Announcement.pdf
    .pdf

    Password: f11

    • https://www.microsoft.com/en-us/download/details.aspx?id=55319

    • https://techcommunity.microsoft.com/t5/windows-kernel-internals-blog/understanding-hardware-enforced-stack-protection/ba-p/1247815

    • https://techcommunity.microsoft.com/t5/windows-kernel-internals-blog/developer-guidance-for-hardware-enforced-stack-protection/ba-p/2163340

    • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-36958

    • http://support.microsoft.com/kb/4599464

    • https://learn.microsoft.com/en-us/windows-server/networking/dns/doh-client-support

    • https://docs.microsoft.com/en-us/windows-server/security/credentials-protection-and-management/configuring-additional-lsa-protection

    • https://docs.microsoft.com/en-us/windows/win32/secauthn/multiple-provider-router

    • https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-reference?view=o365-worldwide#block-abuse-of-exploited-vulnerable-signed-drivers

  • Windows-11-v22H2-Security-Baseline/Documentation/MS Security Baseline Windows 11 v22H2.xlsx
    .xlsx office2007
  • Windows-11-v22H2-Security-Baseline/Documentation/MSFT-Win11-v22H2.PolicyRules
  • Windows-11-v22H2-Security-Baseline/Documentation/Windows 11 21H2 to 22H2 Deltas.xlsx
    .xlsx office2007
  • Windows-11-v22H2-Security-Baseline/GP Reports/MSFT Internet Explorer 11 - Computer.htm
    .js
  • Windows-11-v22H2-Security-Baseline/GP Reports/MSFT Internet Explorer 11 - User.htm
    .js
  • Windows-11-v22H2-Security-Baseline/GP Reports/MSFT Windows 11 22H2 - BitLocker.htm
    .js
  • Windows-11-v22H2-Security-Baseline/GP Reports/MSFT Windows 11 22H2 - Computer.htm
    .js
  • Windows-11-v22H2-Security-Baseline/GP Reports/MSFT Windows 11 22H2 - Credential Guard.htm
    .js
  • Windows-11-v22H2-Security-Baseline/GP Reports/MSFT Windows 11 22H2 - Defender Antivirus.htm
    .js
  • Windows-11-v22H2-Security-Baseline/GP Reports/MSFT Windows 11 22H2 - Domain Security.htm
    .js
  • Windows-11-v22H2-Security-Baseline/GP Reports/MSFT Windows 11 22H2 - User.htm
    .js
  • Windows-11-v22H2-Security-Baseline/GPOs/manifest.xml
  • Windows-11-v22H2-Security-Baseline/GPOs/{03A608E1-608B-4ECE-A44E-ACE3AF1ECD8B}/Backup.xml
    .xml
  • Windows-11-v22H2-Security-Baseline/GPOs/{03A608E1-608B-4ECE-A44E-ACE3AF1ECD8B}/DomainSysvol/GPO/Machine/comment.cmtx
  • Windows-11-v22H2-Security-Baseline/GPOs/{03A608E1-608B-4ECE-A44E-ACE3AF1ECD8B}/DomainSysvol/GPO/Machine/microsoft/windows nt/Audit/audit.csv
  • Windows-11-v22H2-Security-Baseline/GPOs/{03A608E1-608B-4ECE-A44E-ACE3AF1ECD8B}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf
  • Windows-11-v22H2-Security-Baseline/GPOs/{03A608E1-608B-4ECE-A44E-ACE3AF1ECD8B}/DomainSysvol/GPO/Machine/registry.pol
  • Windows-11-v22H2-Security-Baseline/GPOs/{03A608E1-608B-4ECE-A44E-ACE3AF1ECD8B}/bkupInfo.xml
  • Windows-11-v22H2-Security-Baseline/GPOs/{03A608E1-608B-4ECE-A44E-ACE3AF1ECD8B}/gpreport.xml
  • Windows-11-v22H2-Security-Baseline/GPOs/{2EBC1F2D-4C13-408B-A76E-94670180DD13}/Backup.xml
    .xml
  • Windows-11-v22H2-Security-Baseline/GPOs/{2EBC1F2D-4C13-408B-A76E-94670180DD13}/DomainSysvol/GPO/Machine/comment.cmtx
  • Windows-11-v22H2-Security-Baseline/GPOs/{2EBC1F2D-4C13-408B-A76E-94670180DD13}/DomainSysvol/GPO/Machine/registry.pol
  • Windows-11-v22H2-Security-Baseline/GPOs/{2EBC1F2D-4C13-408B-A76E-94670180DD13}/bkupInfo.xml
  • Windows-11-v22H2-Security-Baseline/GPOs/{2EBC1F2D-4C13-408B-A76E-94670180DD13}/gpreport.xml
  • Windows-11-v22H2-Security-Baseline/GPOs/{44F5CA90-3837-4570-8106-108151A83D43}/Backup.xml
    .xml
  • Windows-11-v22H2-Security-Baseline/GPOs/{44F5CA90-3837-4570-8106-108151A83D43}/DomainSysvol/GPO/Machine/comment.cmtx
  • Windows-11-v22H2-Security-Baseline/GPOs/{44F5CA90-3837-4570-8106-108151A83D43}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf
  • Windows-11-v22H2-Security-Baseline/GPOs/{44F5CA90-3837-4570-8106-108151A83D43}/DomainSysvol/GPO/Machine/registry.pol
  • Windows-11-v22H2-Security-Baseline/GPOs/{44F5CA90-3837-4570-8106-108151A83D43}/bkupInfo.xml
  • Windows-11-v22H2-Security-Baseline/GPOs/{44F5CA90-3837-4570-8106-108151A83D43}/gpreport.xml
  • Windows-11-v22H2-Security-Baseline/GPOs/{6604C026-7CFF-4769-BBC8-9E08C5A8E3FC}/Backup.xml
    .xml
  • Windows-11-v22H2-Security-Baseline/GPOs/{6604C026-7CFF-4769-BBC8-9E08C5A8E3FC}/DomainSysvol/GPO/User/comment.cmtx
  • Windows-11-v22H2-Security-Baseline/GPOs/{6604C026-7CFF-4769-BBC8-9E08C5A8E3FC}/DomainSysvol/GPO/User/registry.pol
  • Windows-11-v22H2-Security-Baseline/GPOs/{6604C026-7CFF-4769-BBC8-9E08C5A8E3FC}/bkupInfo.xml
  • Windows-11-v22H2-Security-Baseline/GPOs/{6604C026-7CFF-4769-BBC8-9E08C5A8E3FC}/gpreport.xml
  • Windows-11-v22H2-Security-Baseline/GPOs/{A41A085C-562E-43DD-BC6F-D06721340A26}/Backup.xml
    .xml
  • Windows-11-v22H2-Security-Baseline/GPOs/{A41A085C-562E-43DD-BC6F-D06721340A26}/DomainSysvol/GPO/Machine/comment.cmtx
  • Windows-11-v22H2-Security-Baseline/GPOs/{A41A085C-562E-43DD-BC6F-D06721340A26}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf
  • Windows-11-v22H2-Security-Baseline/GPOs/{A41A085C-562E-43DD-BC6F-D06721340A26}/DomainSysvol/GPO/Machine/registry.pol
  • Windows-11-v22H2-Security-Baseline/GPOs/{A41A085C-562E-43DD-BC6F-D06721340A26}/bkupInfo.xml
  • Windows-11-v22H2-Security-Baseline/GPOs/{A41A085C-562E-43DD-BC6F-D06721340A26}/gpreport.xml
  • Windows-11-v22H2-Security-Baseline/GPOs/{AB1FF8CF-8B21-4F4E-A822-F95CA245C389}/Backup.xml
    .xml
  • Windows-11-v22H2-Security-Baseline/GPOs/{AB1FF8CF-8B21-4F4E-A822-F95CA245C389}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf
  • Windows-11-v22H2-Security-Baseline/GPOs/{AB1FF8CF-8B21-4F4E-A822-F95CA245C389}/bkupInfo.xml
  • Windows-11-v22H2-Security-Baseline/GPOs/{AB1FF8CF-8B21-4F4E-A822-F95CA245C389}/gpreport.xml
  • Windows-11-v22H2-Security-Baseline/GPOs/{B76B3ECF-811E-4554-AD0A-13B68DA73E79}/Backup.xml
    .xml
  • Windows-11-v22H2-Security-Baseline/GPOs/{B76B3ECF-811E-4554-AD0A-13B68DA73E79}/DomainSysvol/GPO/Machine/comment.cmtx
  • Windows-11-v22H2-Security-Baseline/GPOs/{B76B3ECF-811E-4554-AD0A-13B68DA73E79}/DomainSysvol/GPO/Machine/registry.pol
  • Windows-11-v22H2-Security-Baseline/GPOs/{B76B3ECF-811E-4554-AD0A-13B68DA73E79}/bkupInfo.xml
  • Windows-11-v22H2-Security-Baseline/GPOs/{B76B3ECF-811E-4554-AD0A-13B68DA73E79}/gpreport.xml
  • Windows-11-v22H2-Security-Baseline/GPOs/{E9B060A3-A48B-4C5A-98E4-795D0AD3AABD}/Backup.xml
    .xml
  • Windows-11-v22H2-Security-Baseline/GPOs/{E9B060A3-A48B-4C5A-98E4-795D0AD3AABD}/DomainSysvol/GPO/User/comment.cmtx
  • Windows-11-v22H2-Security-Baseline/GPOs/{E9B060A3-A48B-4C5A-98E4-795D0AD3AABD}/DomainSysvol/GPO/User/registry.pol
  • Windows-11-v22H2-Security-Baseline/GPOs/{E9B060A3-A48B-4C5A-98E4-795D0AD3AABD}/bkupInfo.xml
  • Windows-11-v22H2-Security-Baseline/GPOs/{E9B060A3-A48B-4C5A-98E4-795D0AD3AABD}/gpreport.xml
  • Windows-11-v22H2-Security-Baseline/Scripts/Baseline-ADImport.ps1
  • Windows-11-v22H2-Security-Baseline/Scripts/Baseline-LocalInstall.ps1
    .ps1
  • Windows-11-v22H2-Security-Baseline/Scripts/ConfigFiles/DeltaForNonDomainJoined.inf
  • Windows-11-v22H2-Security-Baseline/Scripts/ConfigFiles/DeltaForNonDomainJoined.txt
  • Windows-11-v22H2-Security-Baseline/Scripts/ConfigFiles/EP-reset.xml
  • Windows-11-v22H2-Security-Baseline/Scripts/Remove-EPBaselineSettings.ps1
  • Windows-11-v22H2-Security-Baseline/Scripts/Tools/LGPO.txt
  • Windows-11-v22H2-Security-Baseline/Scripts/Tools/MapGuidsToGpoNames.ps1
    .ps1
  • Windows-11-v22H2-Security-Baseline/Templates/AdmPwd.admx
  • Windows-11-v22H2-Security-Baseline/Templates/MSS-legacy.admx
  • Windows-11-v22H2-Security-Baseline/Templates/SecGuide.admx
    .xml
  • Windows-11-v22H2-Security-Baseline/Templates/en-US/AdmPwd.adml
  • Windows-11-v22H2-Security-Baseline/Templates/en-US/MSS-legacy.adml
  • Windows-11-v22H2-Security-Baseline/Templates/en-US/SecGuide.adml
    .xml