otx.alienvault.com
18.64.119.56  Public Scan

URL: https://otx.alienvault.com/indicator/file/1300d83e626daa0457e829200e313966a93557b3a7e7a23099ed4d727f473068
Submission Tags: falconsandbox
Submission: On July 22 via api from US — Scanned from DE

Form analysis 0 forms found in the DOM

Text Content

FileHash - SHA256
1300d83e626daa0457e829200e313966a93557b3a7e7a23099ed4d727f473068
Pulses: 0
AV Detections: 0
IDS Detections: 0
YARA Detections: 0
Alerts: 1

Analysis Overview
Analysis Date: 14 hours ago
File Score: 0.8 (Low Risk)
Alerts: network_icmp

Related Pulses: None
Related Tags: None

File Type: PDF - PDF document, version 1.3
Size: 26 KB (27334 bytes)
MD5: aadb4d741d494661bdfed4f689bafe34
SHA1: b79cbe94c2f6f0f9dfcf5560d9cf082f7247f3eb
SHA256: 1300d83e626daa0457e829200e313966a93557b3a7e7a23099ed4d727f473068
ALERTS

| Name | Description | Severity | ATT&CK Technique | Technique ID |
|---|---|---|---|---|
| network_icmp | Generates some ICMP traffic | High | | |









STRINGS


%PDF-1.3 << /Filter /FlateDecode /Length 2987 >> T4ocRK;a endstream << /Type
/Page /Parent 2 0 R /Resources 4 0 R /Contents 3 0 R >> << /ProcSet [ /PDF /Text
] /ColorSpace << /Cs1 5 0 R /Cs2 11 0 R >> /Font << /TT1 7 0 R /TT2 8 0 R /TT3 9
0 R /TT4 10 0 R /TT5 12 0 R /TT6 13 0 R >> /Shading << /Sh1 6 0 R >> >> <<
/ColorSpace 5 0 R /ShadingType 2 /Coords [ 48.66223 936.0952 605.3378 -28.09515
] /Domain [ 0 1 ] /Extend [ true true ] /Function 14 0 R >>

SHOWING 1 TO 10 OF 138 ENTRIES



EXIF DATA

| Property | Value |
|---|---|
| PDF:CreateDate | 2022:07:22 00:20:51Z |
| PDF:Creator | Safari |
| PDF:Linearized | No |
| PDF:ModifyDate | 2022:07:22 00:20:51Z |
| PDF:PDFVersion | 1.3 |
| PDF:PageCount | 1 |
| PDF:Producer | iOS Version 15.6 (Build 19G71) Quartz PDFContext |
| PDF:Title | This Connection Is Not Private |







DLLS LOADED

 * msimg32.dll
 * BIBUtils.dll
 * C:\Windows\syswow64\MSCTF.dll
 * sqlite.dll
 * C:\Windows\SysWOW64\shell32.dll
 * OLEAUT32.dll
 * mscms.dll
 * comctl32.dll
 * OLEAUT32.DLL





DROPPED FILES

| Name | Type | MD5 | Process Name |
|---|---|---|---|
| ed9eb7393666d39b_shareddataevents | SQLite 3.x database, last written using SQLite version 0 | e5ad247039b45835f056c52a0e47b5d0 | (2392) C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe |
| feb5b14ff8018de5_wsrgb.icc | Microsoft color profile 2.2, type lino, RGB/XYZ-mntr device by MSFT, 2676 bytes, 22-7-2022 1:30:25 "* wsRGB" | e0617102313f539561b1e68c2c7363a8 | (2392) C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe |
| b9c2a4fd66d06210_wscrgb.icc | Microsoft color profile 2.2, type lino, RGB/Lab-spac device by MSFT, 66208 bytes, 22-7-2022 1:30:25 "* wscRGB" | cc2611420a8dfbf6468aadfc187d8d65 | (2392) C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe |
| 2a6d81e7e67b8cb2_acecache10.lst | data | 6b093505128c6e3dc7bd2b8435efcd23 | (2392) C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe |
| c4730063925f77d4_usercache.bin | data | ab599f8090712908ba597b90fc0b7847 | (2392) C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe |







EXECUTED COMMANDS

services.exe


taskhost.exe services.exe 100%




UDP
Top Source: 192.168.56.115
Top Destination: 224.0.0.252

| Source | Source Port | Destination | Destination Port |
|---|---|---|---|
| 192.168.56.115 | 50139 | 224.0.0.252 | 5355 |
| 192.168.56.115 | 50852 | 224.0.0.252 | 5355 |
| 192.168.56.115 | 51554 | 224.0.0.252 | 5355 |
| 192.168.56.115 | 51972 | 224.0.0.252 | 5355 |
| 192.168.56.115 | 52161 | 224.0.0.252 | 5355 |
| 192.168.56.115 | 52471 | 224.0.0.252 | 5355 |
| 192.168.56.115 | 52967 | 224.0.0.252 | 5355 |
| 192.168.56.115 | 53017 | 224.0.0.252 | 5355 |
| 192.168.56.115 | 53617 | 224.0.0.252 | 5355 |
| 192.168.56.115 | 54072 | 224.0.0.252 | 5355 |

SHOWING 1 TO 10 OF 40 ENTRIES










 * © Copyright 2022 AlienVault, Inc.
   