Analyse score: 0 / 14
No antivirus vendors flagged this file as malicious
Last scanned
First submission
File type: pdf
CRC32 | 0x1bbc2385 |
---|---|
MD5 | 8a668918bb196ba77dc3841353762730 |
Magic | PDF document, version 1.4 |
SHA1 | c8deffe1eb7acf127b09745fef472abda5f3d961 |
SHA256 | 8a75a391c33059c14bd0a7d645a9cfdbe7b6c19d8b673400d84ff99f1bf0ef7a |
SHA512 | 760a34c1582d1be124340484da3cec4712f5611c4eec5d3e61ec63b8670819ad82ddcf8c0436d3476e4a4a95208db43dd9c40ff1c670a14190f163c805e79ba9 |
SSDeep | 98304:KOrgpiUA1O4l4bFxCgGKXGHmKd75ncq05+bIUKzWfGcHBDXMuJKTPx:KOEp04bFxwncq05+b4WfJBDcuJax |
Size | 5.41MB |
Packer | |
TrID | |

Creator | |
---|---|
ExifToolVersionNumber | 12.64 |
FileSize | 5.7 MB |
FileType | |
FileTypeExtension | |
Linearized | No |
MimeType | application/pdf |
PageCount | 14 |
PdfVersion | 1.4 |
Published | Name | Source | Country |
---|---|---|---|
| | 2021 BlackHat ASIA Arsenal - Zero Dependency Container Penetration Toolkit.pdf | web | HK |
Description | Severity | Category | Module |
---|---|---|---|
Malware detection of a yara signature: Win32/WannaCry | malicious | Sandbox Detection | Behavior |
Communicates over HTTP with a low reputation domain | informational | C2 | Behavior |
Deletes itself after process termination | suspicious | Stealth | Behavior |
Write a file to the startup folder | suspicious | Persistence | Behavior |
Check for the existence of Virtual Machines | suspicious | Signature | Yara |