a9dd2526fc3bd74f138544adb0533490N[.]pdf

Sharing

Copy URL

Twitter E-mail

General

Target

a9dd2526fc3bd74f138544adb0533490N.pdf
Size

3.8MB
MD5

a9dd2526fc3bd74f138544adb0533490
SHA1

1389b2ffe1a209e8bed06424d392747fee7f5f0b
SHA256

3c74f71b707e92a5f900e8749925582f2b78e8ebca9730299d896eabb31d6fd2
SHA512

65d0f3529159bdf385a888e55677e985b3fc078b716358b3eed9da88b4ba7e28598b9ff393d8bb70e2b02dc7b0158293905b5892c022ffc256df2024a60cc6e5
SSDEEP

98304:tp/Wdu1kNPt0JbT3SMmidR96b2yIIlgcNVq:LOAkN6JbmMxdR96bhIIVNk

Score

3^/10

pdf link

Malware Config

Signatures

One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
pdf link

Files

a9dd2526fc3bd74f138544adb0533490N.pdf
.pdf
- http://NTFS.com
- http://aptw.tf/2021/08/21/killing-defender.html
- http://dblchk.py
- http://siemens-plc.net
- http://siemens-training.com
- http://siemens.com
- https://blog.back.engineering/22/03/2021/
- https://cocomelonc.github.io/pentest/2021/10/12/dll-hijacking-2.html
- https://csandker.io///2021/02/21/Offensive-Windows-IPC-2-RPC.html
- https://gist.github.com/klezVirus/5d4d31067ad2fadd6f907dc96dd8b8cd
- https://github.com/Cr4sh/KernelForge
- https://github.com/Jemmy1228/HookSigntool
- https://github.com/hfiref0x/KDU
- https://github.com/hzqst/FuckCertVerifyTimeValidity
- https://googleprojectzero.blogspot.com/2016/02/the-definitive-guide-on-win32-to-nt.html
- https://iamelli0t.github.io/2021/04/10/RPC-Bypass-CFG.html
- https://learn.microsoft.com/en-us/previous-versions/system-center/virtual-machine-manager-2008-r2/ee340124
- https://learn.microsoft.com/en-us/windows-hardware/drivers/install/kernel-mode-code-signing-policy--windows-vista-and-later-
- https://learn.microsoft.com/en-us/windows/win32/rpc/how-rpc-works
- https://sec-consult.com/blog/detail/pentesters-windows-ntfs-tricks-collection/
- https://static.sched.com/hosted_files/osseu2020/ce/LSSEU20_kernel%20integrity%20enforcement%20with%20HLAT%20in%20a%20virtual%20machine_v3.pdf
- https://support.microsoft.com/en-gb/topic/kb5029033-notice-of-additions-to-the-windows-driver-stl-revocation-list-d330efa5-3fb7-4903-9f0b-3230d31fca38
- https://techcommunity.microsoft.com/t5/windows-insider-program/virtualization-based-security-vbs-and-hypervisor-enforced-code/m-p/240571
- https://training.plm.automation.siemens.com/index.cfm?show=%27
- https://trustedsec.com/blog/g_cioptions-in-a-virtualized-world
- https://trustedsec.com/blog/object-overloading
- https://vulners.com/openvas/OPENVAS:1361412562310111057
- https://web.archive.org/web/20191028184211/https:/cdn2.hubspot.net/hubfs/487909/Turning%20
- https://www.fortinet.com/blog/threat-research/driver-signature-enforcement-tampering
- https://www.inversecos.com/2022/03/windows-event-log-evasion-via-native.html
- https://www.loldrivers.io
- https://www.netspi.com/blog/technical-blog/adversary-simulation/adaptive-dll-hijacking/
- https://www.ntfs.com/index.html
- https://www.oreilly.com/library/view/windows-internals-part/9780135462348/
- Show all