
Ring Ø Labs DOES NOT advocate using any of the malware, techniques, or information presented here for harm, and doing so may violate the law. These topics are for mitigation and educational purposes only. We also employ browser mining to reduce the need for ads.

Saturday, August 5, 2017

Quick PDF Analysis

Today we show how to quickly analyze a suspicious PDF file to determine whether it contains malicious content. Check the YouTube video for the full analysis process.






RING Ø LABS
Malware Report


FILE DETAILS

Filename: 010820170003375296186050723708.pdf
Packer: None
MD5: b2fbd8077726f78884e5330979b213a1
Type: PHISHING
Video


DETECTION

Here are indicators of compromise to block:


CONCLUSION

The analysis techniques shown in the video are standard practice when dealing with suspicious PDF documents. Thanks to the quick actions of someone, the download site this PDF reaches back to was already taken down. Good job...someone.