f_005cec[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

f_005cec.zip
Size

13.2MB
MD5

5cbb90d5fa674df59c737cd11928669f
SHA1

19d4a349282125e8597206ed04f4da1e53f61446
SHA256

441abb8cb878b67447fba5bc4e79c4fe85be2634ed38396770eafe4e513f4e52
SHA512

bc4eb547964f2a440203666f397c33a99c457e0b148c98b10c8a95102edda95061cc2fb348678014e501e6ef2be223eae8045dd96cd24be4f90236d1769e5f55
SSDEEP

393216:UdRg0I+d+hLzQcq3J2NKX7ALbYL6fbA9RK3WL:5hL2oKUvYL6zADL

Score

3^/10

pdf link

Malware Config

Signatures

One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
pdf link

Files

f_005cec.zip
.zip

Password: infected
f_005cec
.pdf
- http://192.168.2.xxx
- http://1952.912.3444orvisitusatwww.digi.com/support.FeedbackToprovidefeedbackonthisdocument,emailyourcommentstotechcomm@digi.comIncludethedocumenttitleandpartnumber
- http://AddupstreamNTPserversthatthedevicewillusetosynchronizeitstime.Thedefaultsettingistime.devicecloud.com
- http://CommandlineinterfaceUsethescpcommandAnywhereUSBPlusUserGuide932CommandDescriptiondeviceandaremotehost.SeeUsethescpcommandforinformationaboutusingthescpcommand.show
- http://DigiRemoteManagerpassword.group
- http://Donotasktooverwritethedestinationfileifitexists.ping
- http://Enteranameforthegroup.Replacestringwiththegroupname.Youmusthavedoublequotesaroundthename.group
- http://Listfilesanddirectoriesunderthispath.show
- http://Messagetosend.name
- http://Nameofthecapturefiltertouse.cat
- http://NeveruseDNSserversforthisinterface.vi
- http://Setsthespeedto1Gbps.AvailableonlyfordeviceswithGigabitEthernetports.auto
- http://SetthehostnameorIPaddressofthespeedtestserver.Thedefaultisspeedtest.accns.com
- http://TheATcommandstring.name
- http://ThePINcodetochangeto.name
- http://TheSIMslottochangeto.name
- http://Thedefaultismodp2048.vi
- http://Thefiletogrep.help
- http://Thefiletoview.mv
- http://Thepathandnameofthefileontheremotehosttocopytoorfrom.host
- http://Theprivatekeyfileisnamedid_rsaandthepublickeyfileisnamedid_rsa.pub
- http://Theusernametousewhenconnectingtotheremotehost.to
- http://UDPPortnumberDigiRemoteManagerconnectiontoedp12.devicecloud.com
- http://WcommandagaintoverifythattheHubshavebeenremoved.help
- http://knowledge.digi.com/
- http://network.vi
- http://ondigi.com
- http://orany.vi
- http://orboth.vi
- http://orinteractwithacontainer.cpCopiesafileordirectory.grepGrepafile.help
- http://remotemanager.digi.com/
- http://s.sshdirectory.Theprivateandpublickeysarenamedid_rsaandid_rsa.pub
- http://sPINcode.name
- http://sPINcode.new
- http://sPUKcode.new
- http://seeAnnouncingtheLatestDigiSoftwareSolutionsforDALOS23.12FirmwareandDigiRemoteManagerondigi.com
- http://seewww.digi.com/resources/certifications.ImportantnoteDigicustomersassumefullresponsibilityforlearningandmeetingtherequiredguidelinesforeachcountryintheirdistributionmarket.Refertotheradioregulatoryagencyinthedesiredcountriesofoperationformoreinformation.CEandUKCAOEMlabelingrequirementsTheCEandUKCAmarkingsmustbeclearlyvisibleandlegiblewhenyouaffixittotheproduct.Ifthisisnotpossible,youmustattachthesemarkstothepackaging
- http://seewww.openvpn.net
- http://selectInternal.vi
- http://servers.Thedefaultsettingistime.devicecloud.com
- http://service.ssh.acl.zone
- http://system.name
- http://thedefaultistheedp12.devicecloud.com
- http://thescriptmayrenderthesystemunusable.vi
- http://time.devicecloud.com
- http://timesynctotime.devicecloud.com.UDP123DNSresolutionusingWAN-providedDNSservers.UDP53HTTPSformodemfirmwaredownloadsfromfirmware.devicecloud.com
- http://type1MBor1M.vi
- http://typedevicecloud.com
- http://typedigi.com
- http://visitourKnowledgeBaseatknowledge.digi.com
- http://whenexecutedinconjunctionwithanothercommand.SeeDisplayhelpforcommandsandparametersforinformationaboutthehelpcommand.lsListsthecontentsofadirectory.mkdirCreatesadirectory.modemExecutesmodemcommands.monitoringMonitoringcommands.moreDisplaysthecontentsofafile.mvMovesafileordirectory.ping
- http://whichmeansthatthefilterwillcapturepacketsthatusethisport.vi
- http://www.digi.com/howtobuy/terms
- http://www.digi.com/howtobuy/termsCustomersupportGathersupportinformation:BeforecontactingDigitechnicalsupportforhelp,gatherthefollowinginformation:��Productnameandmodel��Productserialnumber
- http://www.digi.com/products/cloud/digi-remote-manager
- http://www.digi.com/products/cloud/digi-remote-manager.TolearnmoreaboutRemoteManagerfeaturesandfunctions,seetheDigiRemoteManagerUserGuide.Certificate-basedenhancedsecurityBeginningwithfirmwareversion22.2.9.x,thedefaultURLforthedevice'sRemoteManagerconnectionisedp12.devicecloud.com.ThisURLisrequiredtoutilizetheclient-sidecertificatesupport.Priortorelease22.2.9.x,thedefaultURLwasmy.devicecloud.com.��IfyourDigideviceisconfiguredtouseanon-defaultURLtoconnecttoRemoteManager,updatingthefirmwarewillnotchangeyourconfiguration.However,ifyouerasethedevice'sconfiguration,theRemoteManagerURLwillchangetothedefaultofedp12.devicecloud.com.��IfyouperformafactoryresetbypressingtheRESETtwice,theclient-sidecertificatewillbeerasedandyoumustusetheRemoteManagerinterfacetoresetthecertificate.SelectthedeviceinRemoteManagerandselectActions
- http://www.digi.com/products/models/76000954
- http://www.digi.com/resources/certifications
- http://www.digi.com/resources/documentation/digidocs/90001436-13/default.htm
- http://www.digi.com/resources/documentation/digidocs/90002349/default.htm
- http://www.digi.com/support
- http://www.digi.com/support/product-support
- http://www.google.com
- http://www.google.com/
- http://www.internetbadguys.com
- http://www.internetbadguys.com/
- http://www.openvpn.net/
- http://youcanverifythewebfilteringimplementationbyusingtheCiscotestsitewww.internetbadguys.com
- http://youmayneedtoopenaportthroughyourfirewallforegressconnectivitytoedp12.devicecloud.com
- https://biot.com/capstats/bpf.html
- https://biot.com/capstats/bpf.htmlfordetailedinformationaboutBPFsyntax.ExampleIPv4capturefilters��CapturetraffictoandfromIPhost192.168.1.1:�$�+�#�*�.�/ckd�chj�c�c��CapturetrafficfromIPhost192.168.1.1:�$�+�.�-��#�*�.�/ckd�chj�c�c��CapturetraffictoIPhost192.168.1.1:�$�+��.�/�#�*�.�/ckd�chj�c�c��CapturetrafficforaparticularIPprotocol:�$�+�+�-�*�/�*�+�-�*�/�*��*�'whereprotocolisanumberintherangeof1to255oroneofthefollowingkeywords:icmp,icmp6,igmp,pim,ah,esp,vrrp,udp,ortcp.
- https://community.openvpn.net/openvpn/wiki/BridgingAndRouting
- https://community.openvpn.net/openvpn/wiki/Topology
- https://dashboard.umbrella.com
- https://dashboard.umbrella.com/
- https://docs.frrouting.org/projects/dev-guide/en/latest/vtysh.html.Syntax�1�/�4�.�#
- https://ftp1.digi.com/support/documentation/QN52 - DigiRemoteManager-WebProxy.pdf
- https://hub.digi.com/support/products/digi-core-plug-in-modem/?path=/support/asset-collection/cellular-module-firmware/
- https://hub.digi.com/support/products/infrastructure-management/digi-anywhereusb-2-plus/
- https://iperf.fr/iperf-download.php
- https://iperf.fr/iperf-download.php.AdditionalconfigurationItems��TheportthattheAnywhereUSBPlusdevice'siPerfserverwillusetolistenforincomingconnections.��TheaccesscontrollistfortheiPerfserver.
- https://linux.die.net/man/8/wpa_passphrase
- https://my.digi.com/sca-dev-2020-1/checkout.ssp?is=login&login=T&whence=&origin=customercenter#login-register
- https://myaccount.digi.com/
- https://myaccount.digi.com/tosignupforaDigiRemoteManageraccount.2.CheckyouremailforDigiRemoteManagerlogininstructions.3.Gotoremotemanager.digi.com.4.Enteryourusernameandpassword.TheDigiRemoteManagerDashboardappears.
- https://remotemanager.digi.com
- https://remotemanager.digi.com/
- https://remotemanager.digi.com/login.do
- https://secure-computing.net/wiki/index.php/OpenVPN/Routing
- https://tools.ietf.org/html/rfc1058
- https://tools.ietf.org/html/rfc1142
- https://tools.ietf.org/html/rfc1771
- https://tools.ietf.org/html/rfc2080
- https://tools.ietf.org/html/rfc2328
- https://tools.ietf.org/html/rfc2332
- https://tools.ietf.org/html/rfc2453
- https://tools.ietf.org/html/rfc2740
- https://tools.ietf.org/html/rfc4702
- https://umbrella.cisco.com/
- https://www.digi.com/
- https://www.digi.com/AnywhereUSB2Plus/start
- https://www.digi.com/blog/post/announcing-digi-software-updates-dal-os-23-12
- https://www.digi.com/blog/post/latest-software-updates-dal-os-24-3-and-digi-rm
- https://www.digi.com/contactus
- https://www.digi.com/contactus.LogintoDigiRemoteManagerTostartDigiRemoteManager1.Ifyouhavenotalreadydoneso,clickheretosignupforaDigiRemoteManageraccount.2.CheckyouremailforDigiRemoteManagerlogininstructions.3.Gotoremotemanager.digi.com.4.LogintoyourDigiRemoteManageraccount.
- https://www.digi.com/pdf/anywhereusb-plus-ds.pdf
- https://www.digi.com/products/models/76000682
- https://www.digi.com/products/models/76000965
- https://www.digi.com/products/networking/infrastructure-management/usb-connectivity/usb-over-ip/anywhereusb#specifications
- https://www.digi.com/support#support-tools.b.FromtheSupportDownloadssection,clickDrivers.c.FindandselectAnywhereUSBPlusfromtheproductlist.d.SelectyourAnywhereUSBPlusmodel.e.Selectanddownloadtheappropriatesoftwareforyouroperatingsystem.
- https://www.digi.com/support/identifyfamily?family=45
- https://www.digi.com/support/knowledge-base/firewall-concerns-for-outbound-edp-connections-to
- https://www.digi.com/support/productdetail?pid=5658&type=firmware
- https://www.digi.com/support/productdetail?pid=5659&type=firmware
- https://www.digi.com/support/productdetail?pid=5660&type=firmware
- https://www.gov.uk/guidance/using-the-ukca-marking
- https://www.opendns.com/setupguide/
- https://www.opendns.com/setupguide/formoreinformationaboutusingCiscoDNSserversforwebfiltering.ToconfigurewebfilteringwithmanualDNSservers:��Web1.LogintoDigiRemoteManager,orlogintothelocalWebUIasauserwithfullAdminaccessrights.2.Accessthedeviceconfiguration:RemoteManager:a.LocateyourdeviceasdescribedinUseDigiRemoteManagertoviewandmanageyourdevice.b.ClicktheDeviceID.c.ClickSettings.d.ClicktoexpandConfig.LocalWebUI:a.Onthemenu,clickSystem.UnderConfiguration,clickDeviceConfiguration.TheConfigurationwindowisdisplayed.
- https://www.tucny.com/Home/dscp-tos
- https://www.tucny.com/Home/dscp-tosforalistofcommonTOSvalues.v.ForProtocol,selecttheIPprotocolmatchingcriteriaforthisrule.vi.ForSourceport,typetheport,orany,asasourcetrafficmatchingcriteria.vii.ForDestinationport,typetheport,orany,asadestinationtrafficmatchingcriteria.viii.ClicktoexpandSourceaddressandselecttheType:��Any:Sourcetrafficfromanyaddresswillbematched.��Interface:OnlytrafficfromtheselectedInterfacewillbematched.��IPv4address:OnlytrafficfromtheIPaddresstypedinIPv4�addresswillbematched.UsetheformatIPv4_address[/netmask],oruseanytomatchanyIPv4address.
- https://www.tucny.com/Home/dscp-tosforalistofcommonTOSvalues.v.SettheIPprotocolmatchingcriteriaforthisrule:��*�
- Show all

Sharing

General

Malware Config

Signatures

Files

Password: infected