301697790bcc8f4b403c32a0ab31ca50N[.]pdf

Sharing

Copy URL Twitter E-mail

General

Target

301697790bcc8f4b403c32a0ab31ca50N.pdf
Size

1.4MB
MD5

301697790bcc8f4b403c32a0ab31ca50
SHA1

615378b9f0e663a9de2f2adf5848f8426f1ec08d
SHA256

c5f84a039906e6572f74490e1e7e886bbfe1c47c83c87c8aed24c47e66988cc4
SHA512

d8c3e392a84e45063fd858e7358e442b40974f16f01e953fc00aa0c1c256c74514e0dc8c8d1b0a8df503d5539357b9aeb2642cefeea91302fa6680181726fd66
SSDEEP

24576:EPWRLuKTwf6bqt3BAdmoQEmWjSdwcUs6r3BuR8Tw1kvdAqqzET8caCNxIJNwm:l1Tlbqt3GdZQEHjSdws6ru8T6kvdQdcK

Score

3^/10

pdf link

Malware Config

Signatures

One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
pdf link

Files

301697790bcc8f4b403c32a0ab31ca50N.pdf
.pdf
- http://...Thisdirectiveisanaliasfor.byte.Eachexpressionisassembledintoaneight-bitvalue..data
- http://...Thisdirectiveisanaliasfor.hword.Eachexpressionisassembledintoan16-bitvalue..data
- http://.Theynormallybeingusedasanimmediatesourceoperand.mov
- http://013erentsymbolnamethanFoo.Symbolnamesdonotstartwithadigit.AnexceptiontothisruleismadeforLocalLabels.Seebelow.Multibytecharactersaresupported.Togenerateasymbolnamecontainingmultibytecharactersencloseitwithindoublequotesanduseescapecodes.cf
- http://013setoftheGOTentrycorrespondingtothesymbol.got
- http://013setsusinglabelasthestructurebase..tab
- http://014cdirectivesforCRIS..dwordEXPRESSIONSThe.dworddirectiveisasynonymfor.int
- http://014leformats.discardSilentlydiscardduplicatesections.Thisisthedefault.one
- http://014llthem.Ifalabelisusedwith.space
- http://014rstargumentistherequestedalign-mentinbytes..allow_suspicious_bundlesTurnsonerrorcheckingforcombinationsofinstructionsinabundlethatprob-ablyindicateaprogrammingerror.Thisisonbydefault..no
- http://050.data
- http://051availableatwww.xilinx.com.9.26.1DirectivesAnumberofassemblerdirectivesareavailableforMicroBlaze..data
- http://051canbeusedasaseparator.eg
- http://0x01isequivalentto.save
- http://0x14add.is
- http://116.global
- http://174UsingasForexample.archi
- http://223.no
- http://318Usingasr56snr57idn0r58idn1r59udn0r60udn1r61udn2r62udn3r63zeroTheassemblerwillemitawarningifanumericnameisusedinsteadofthecanonicalname.The.no
- http://50000mov.na
- http://A0.HorA0.L.one
- http://InsertwhitespaceIfitispossibletousewhitespacecharactersthenthisisthesimplestsolution.eg
- http://MachineDependentFeatures313r54spr55lrr56snr57idn0r58idn1r59udn0r60udn1r61udn2r62udn3r63zeroTheassemblerwillemitawarningifanumericnameisusedinsteadofthenon-numericname.The.no
- http://Programmemory.pm
- http://Similarto.space
- http://VFPregisters.save
- http://__.MMIX.start..data
- http://andemitawarningifthenu-mericnamesareused.Thisisonbydefault..no
- http://aswillreplacethemoviwithasequenceofmoviandshoriopcodes.pt
- http://availableuponrequestatwww.tilera.com
- http://bnez.na
- http://butimmediatelyafter.fnstart.The.save
- http://canbeusedtoseparatetheendofamacroargu-mentfromthefollowingtext.eg
- http://commandlineoptionthisdirectiveindicatesthattheassemblycodemakesuseof32-bitpointers..no
- http://developer.amd.com/cpu/LWP
- http://developer.intel.com/design/itanium/arch_spec.htm
- http://disables.at
- http://fillAdvancethelocationcounterofthecurrentsectiontonew-lc.new
- http://foo.reqr0.savereglistGenerateunwinderannotationstorestoretheregistersinreglist.Theformatofreglististhesameasthecorrespondingstore-multipleinstruction.coreregisters.save
- http://fsf.org/
- http://fsf.org/Everyoneispermittedtocopyanddistributeverbatimcopiesofthislicensedocument,butchangingitisnotallowed.0.PREAMBLEThepurposeofthisLicenseistomakeamanual,textbook,orotherfunctionalandusefuldocumentfreeinthesenseoffreedom:toassureeveryonethee
- http://ftp.digital.com/pub/Digital/info/semiconductor/literature/alphaahb.pdf
- http://i.e.no
- http://iWMMXtregisters.save
- http://infocenter.arm.com
- http://intoabaloracall.call
- http://or.data
- http://page23.as
- http://r0ld.lr
- http://redhat.com
- http://seewww.atmel.com/products/AVR.asimplementsallthestandardAVRopcodes.ThefollowingtablesummarizestheAVRopcodes,andtheirarguments.Legend:ranyregisterd`ldi'register
- http://theexpressionisadjustedaccordingly.Thelinkerusestherelocationentrytoupdatetheoperandaddressatlinktime.got/GOT-SpecifiestheCR16Assemblergeneratesarelocationentryfortheoperand,offsetfromGlobalOffsetTable.Thelinkerusesthisrelocationentrytoupdatetheoperandaddressatlinktimecgot/cGOT-SpecifiestheCompactRISCAssemblergeneratesarelocationentryfortheoperand,wherepchasimpliedbit,theexpressionisadjustedaccordingly.Thelinkerusestherelocationentrytoupdatetheoperandaddressatlinktime.CR16targetoperandquali
- http://willautomaticallybealignedcorrectlyandisplacedaftertheunconditionaljump..global
- http://www-cs-faculty.stanford.edu/~knuth/mmix-news.html
- http://www-cs-faculty.stanford.edu/~knuth/mmix-news.html,lastcheckedwiththeversiondated2001-08-25
- http://www-cs-faculty.stanford.edu/~knuth/mmix-news.html.Mostcodeexamplesfromthemmixalpackagelocatedthereshouldworkunmodi
- http://www.andestech.com/en/index/index.htm9.30.1NDS32OptionsTheNDS32con
- http://www.gnu.org/copyleft/
- http://www.gnu.org/copyleft/.EachversionoftheLicenseisgivenadistinguishingversionnumber.IftheDocumentspeci
- http://www.latticesemi.com/products/intellectualproperty/ipcores/mico32/
- http://www.latticesemi.com/products/intellectualproperty/ipcores/mico32/.asimplementsallthestandardLM32opcodes.
- http://www.sourceware.org/bugzilla/
- http://www.sourceware.org/bugzilla/.Thefundamentalprincipleofreportingbugsusefullyisthis:reportallthefacts.Ifyouarenotsurewhethertostateafactorleaveitout,stateit!Oftenpeopleomitfactsbecausetheythinktheyknowwhatcausestheproblemandassumethatsomedetailsdonotmatter.Thus,youmightassumethatthenameofasymbolyouuseinanexampledoesnotmatter.Well,probablyitdoesnot,butonecannotbesure.Perhapsthebugisastraymemoryreferencewhichhappenstofetchfromthelocationwherethatnameisstoredinmemory;perhaps,ifthenameweredi
- http://www.z80.info
- https://github.com/WebAssembly/design/blob/master/BinaryEncoding.md
- https://github.com/WebAssembly/design/blob/master/BinaryEncoding.md.Opcodesarewrittendirectlyintheorderinwhichtheyareencoded,withoutgoingthroughanintermediatesexp-styleexpressionasinthewasformat.For
- https://github.com/webassembly/spec/BinaryEncoding.md.Structuredsexp-styleexpressionsarenotsupportedasinput.9.52.2.1SpecialCharacters`#'and`;'arethelinecommentcharacters.Notethatif`#'isthe
- Show all