찾아줄게요
PDF 파일은 무엇입니까?
-
안녕하세요. 제 컴퓨터에서 PDF라는 파일을 찾았는데 이것이 무엇인지 잘 모르겠습니다. 알려주시면 감사하겠습니다.
-
PDF 파일은 어도비 애크로뱃 문서 형식 (Portable Document Format) 입니다. Adobe에서 배포한 파일인 것으로 보입니다. 2008-09-27 00:29:05에 처음으로 보고되었으며 2008-09-27 00:29:05에 마지막으로 보고되었습니다.
-
적절한 프로그램을 다운로드하여 PDF 파일을 열 수 있습니다.
-
어도비 애크로뱃 문서 형식 (Portable Document Format)
-
시그니처 정보가 없습니다.
-
연관 링크 #1: 첨부된 링크가 없습니다.
-
연관 링크 #2: 첨부된 링크가 없습니다.
-
-
[2021-07-01 17:07:44] @pollo290987 #remcos ad_9012159281_FACTURA_FE123_CONSORCIO_OBRAS_SAN_CRISTOBALpdf.exe 953bf44c0a25a64d66503833e668e12e C2: /dominoduck2117.duckdns.org:9804 Botnet: ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZREMIX
-
[2021-06-30 01:31:59] @micham Besides this #Phishing page targeting "Universidad Santo Tomás" ???????? @USTA_COLOMBIA. there's also that sneaky RAT named "factura.exe" with PDF icon???? waiting for clicks (DON'T!). Stay safe! https://www.phishtank.com/phish_detail.php?phish_id= 7204702 VT: 1/88 (@ESET????) https://www.virustotal.com/gui/url/cbc9665fb3534ad629bcafb494ca4e5a38ee6be291085e50071a7a3d58276f85/detection https://twitter.com/micham/status/1409942738762493955/photo/1
-
[2021-06-29 21:00:27] @satontonton 日本語の #不審メール が届いていました。 件名:Re:プロフォーマインボイス File:プロフォーマインボイス pdf.rar HASH:a2dff2d4866d39b2c05bb18a395f7d6a triage: https://tria.ge/210629-nzqpc4djsn anyrun: https://app.any.run/tasks/b5ff76d5-2119-43db-aad4-7931a7c3ae05 #lokibot #guloader 実在の国内企業を騙ったメールです。 https://twitter.com/satontonton/status/1409874407175168002/photo/1
-
[2021-06-29 20:05:00] @wwp96 @IndianCERT @GoI_MeitY 0/56 detections for file.pdf https://www.virustotal.com/gui/file/af6e69d49be46facd53d5b8bf1efe349e1c4ef98442d00a0a18f88c8c19d886c/detection
-
[2021-06-29 20:01:49] @wwp96 @IndianCERT "IAF attack.pdf" with HEAD requests to: hxxp://email-govin.duia.eu:8011/1203334A04AF-X-USER-PC/file.pdf Credential harvester hosted on same #opendir but on different dynamic DNS spoofing @goi_meity hxxp://nicindia.mywire.org:8011/e/ https://app.any.run/tasks/3a5b2783-4828-423d-9b13-5c11e32622fd/ https://twitter.com/wwp96/status/1409859652750356480/photo/1
-
[2021-06-28 07:38:38] @bomccss 2021/06/28 日本語のマルウェア付きメールを確認しました。 ■件名 Re:プロフォーマインボイス ■添付ファイル プロフォーマインボイス pdf.rar ■サンプル https://tria.ge/210627-xk9de1y9hs https://www.virustotal.com/gui/file/eb2691044faf61721a84eace5cd2a16cf50172decc80d7220877303e7f83e004/detection https://app.any.run/tasks/e9fffb97-a4eb-4157-8ac0-79615e5b2700/ #guloader -> #lokibot https://twitter.com/bomccss/status/1409310233390841859/photo/1
-
[2021-06-25 13:59:14] @pollo290987 #remcos ad_900165378_DOCUMENTO_ELECTRONICO_PROTEGIDO_FDV2237_094847200093474pdf.exe 0108b89d181b0db9ef38c1c9106d4489 "ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZBADBUNNY" C2: /dominoduck2116.duckdns.org:9803
-
[2021-06-25 13:26:48] @fbgwls245 .Poliex #Ransomware ABE8BC2AC31FB94DD985DE0D81CD4BCD C:\Users\Tiobe\source\repos\Microsoft_Edge.pdf\Microsoft_Edge.pdf\obj\Debug\Microsoft_Edge.pdf.pdb https://twitter.com/fbgwls245/status/1408310692583645188/photo/1
-
[2021-06-24 03:09:24] @James_inthe_box @felixw3000 @InQuest @PwCUS @jcarndt @dmoore21 Was dridex..also had an #opendir http://jazz-html-v2.aps.agile451.net/pdfviewer/web/locale/ach/ https://twitter.com/James_inthe_box/status/1407792928504774657/photo/1
-
[2021-06-22 20:26:19] @MBThreatIntel ???? #AsyncRat #malspam Spam email -> Archive file -> VBScript file -> Injects #AsyncRat into MSbuild.exe ➡️ VBS file: Supplier Detailed_brief_pdf.vbs 5794745215f03da8142cafa057d3ecda ➡️ AsyncRat: 5990b0d44bb8e76ba6122a1a71cfb037 ➡️ C2: 185.140.53.169 https://twitter.com/MBThreatIntel/status/1407329103708053516/photo/1
-
[2021-06-22 10:46:26] @bomccss 2021/06/22 日本語のマルウェア付きメールを確認しました。 ■件名 Re:プロフォーマインボイス ■添付ファイル プロフォーマインボイス pdf.rar ■サンプル https://tria.ge/210622-gyl51791de https://www.virustotal.com/gui/file/ce31fff6a5071cce7ff3e15784a77ec58e0e7110222bf3617864973ae4902f64/detection https://app.any.run/tasks/4b2fee7f-8b47-4319-9c3f-69d73dcc54b8/ #guloader -> #lokibot です。 https://twitter.com/bomccss/status/1407183167870488584/photo/1
-
[2021-06-21 23:33:42] @ps66uk "unpaid invoice_937928_438_pdf" EML > ISO > #guloader > #azorult f4bb76dda7c1f264ffdb934f633ecc278acc7a4cb7b0d71248cc1cddde42629f https://capesandbox.com/analysis/167302/ https://tria.ge/210621-dlmmqk75ys
-
[2021-06-21 04:41:38] @dubstard @clevybencheton http://sony.com/en/SonyInfo/IR/library/presen/er/pdf/19q4_supplement.pdf Kinda funny how apple iPhones use Sony cameras. and thus Sony makes a ton of $ from this. but can't even muster up a phone of their own. Maybe their terrible naming convention drove sales to practically subzero values. Strong LG vibes. https://twitter.com/dubstard/status/1406728976844746755/photo/1
-
[2021-06-19 01:31:01] @MBThreatIntel Fake PDF #phish exfiltrating credentials to suprams.com.br/pdff/PDFNV.php https://twitter.com/MBThreatIntel/status/1405956229529100289/photo/1
-
[2021-06-17 20:52:59] @lazyactivist192 Here's a much better source than the beacon's fluff article (the beacon exclusively writes fluff pieces) https://www.dontshootpdx.org/wp-content/uploads/2020/06/DSPFinal-RCAreport4SocialChange-AM.AR_.ZW_.DS-.pdf https://twitter.com/AkronOhioMayor/status/1405496735200419847
-
[2021-06-17 20:51:41] @lazyactivist192 @AkronOhioMayor @beaconjournal https://www.dontshootpdx.org/wp-content/uploads/2020/06/DSPFinal-RCAreport4SocialChange-AM.AR_.ZW_.DS-.pdf So what I'm hearing is the city of Akron loves cops who disobey court orders?
-
[2021-06-17 16:44:43] @bomccss 2019/06/10 ■件名 購入SVMPL JP -JJPS:AMGLK-4E4687347 ■添付ファイル P.O.・ http://pdf.cz.rar https://twitter.com/58_158_177_102/status/1137941560308293633
-
[2021-06-17 13:30:16] @bomccss 2019/05/28 ■件名 緊急:テクニカルオーダー-001-18-0514 ■添付ファイル テクニカルオーダー-001-18-0514 28-05-2019・ http://pdf.zip https://twitter.com/58_158_177_102/status/1133321446506225664
-
[2021-06-17 13:27:50] @bomccss 2019/04/16 ■件名 TENDERへの招待 (東京大学) EUI894/BU463 ■添付ファイル名 TENDERへの招待 2019 04 16· http://pdf.zip https://twitter.com/58_158_177_102/status/1117989462682681345
-
[2021-06-17 12:39:25] @bomccss 2021/03/16 ■件名 64783円支払確認書(株式会社三菱UFJ銀行) ■添付ファイル名 64783円支払確認書·16·04·2021· http://pdf.zip https://twitter.com/bomccss/status/1371641900755689473
-
[2021-06-17 11:26:43] @phishunt_io #NewPhishing | #phishing #scam ???? /artofsoles.com/Office365/PDF/ ???? 162.241.70.204 ☁ UNIFIEDLAYER-AS-1 ???? cPanel. Inc. Certification Authority https://twitter.com/phishunt_io/status/1405381366095679492/photo/1
-
[2021-06-12 01:35:33] @RonnyTNL @virustotal @FileZillaPro . Hi @virustotal @bquintero @msftsecresponse Here is an other one "PDF24 Creator" tagged as ☑ File distributed by Microsoft Corporation I'm pretty sure it isn't the case. https://www.virustotal.com/gui/file/dab644778468eaff0655c102b1ff998ea7336eee285922d06a2a5a7d45a1fc2b/detection
-
[2021-06-09 11:41:58] @bomccss 6/9 日本語のマルウェア付きメールを確認しています。 ■件名 Re:プロフォーマインボイス ■添付ファイル プロフォーマインボイス・pdf.rar -> Proforma Invoice·pdf.exe ■サンプル https://www.virustotal.com/gui/file/5f9814bf0b8ac4f58d2d43bc921a0345a6032ba7d22211230c4773bc5c152386/detection https://tria.ge/210609-vkqmz33w6n https://app.any.run/tasks/7d6e3562-a2cc-4e0c-a187-478bd57745d1 情報窃取マルウェア #Lokibot です https://twitter.com/bomccss/status/1402486100870897668/photo/1
-
[2021-06-05 06:36:32] @jernej__s @breaultjean @Derpmeister2000 @SwiftOnSecurity Here's a PDF file that contains the EICAR string in several places: https://eternallybored.org/misc/test.pdf VirusTotal analysis: https://www.virustotal.com/gui/file/b2dd85032f7f512a824154986ec522764ed9bc626fe201988b1c45e1819f5eb9/detection
-
[2021-06-04 17:06:49] @JAMESWT_MHT "Re:FW: PROFORMA INVOICE2" #spread #Formbook too today in #italy Zip https://bazaar.abuse.ch/sample/20958a929e48de6150bdb51a08ac836a2ed1481537a5d35ca5ec7d02aaa293c0/ PROFORMA INVOICE PDF.exe https://bazaar.abuse.ch/sample/98acba30e1beae1f5b26942e308d3e34e776abf297925b373bfe1e39ed6d5dc2/ C2 hXXp://www.kalptarucentrino.com/owws/ cc @58_158_177_102 @felixw3000 https://twitter.com/JAMESWT_MHT/status/1400755913099730945/photo/1
-
[2021-06-03 19:11:22] @JAMESWT_MHT "Re: New order of goods" spred #FormBook too in #italy Revised_Order PDF .zip https://bazaar.abuse.ch/sample/355af5bcaf4798d93186e2db6b9aa813b94e5d9dfa13a7d1b2ee9ca547ac2780/ Revised_Order PDF.exe https://bazaar.abuse.ch/sample/bfc5459f5283fd7fd1026ac6b8da4dc47a73abb4744f2704451e8796925c1024 C2 hXXp://www.kalptarucentrino.com/owws/ cc @58_158_177_102 @felixw3000 https://twitter.com/JAMESWT_MHT/status/1400424870941540359/photo/1
-
[2021-05-29 19:43:04] @cyb3rops Since @MSFTSecurity and @Volexity shared so many useful information about APT29 / NOBELIUM. I do my part and share 12 YARA rules Rules https://github.com/Neo23x0/signature-base/blob/master/yara/apt_apt29_nobelium_may21.yar#L47 > I especially like the rule to detect the PDF payloads used by BoomBox PDF https://www.virustotal.com/gui/file/656384c4e5f9fe435d51edf910e7ba28b5c6d183587cf3e8f75fb2d798a01eeb/detection https://twitter.com/cyb3rops/status/1398620909368381440/photo/1
-
[2021-05-29 04:40:27] @BushidoToken ???? Scam using a URL in a #JPMorgan- and #Ethereum-themed PDF jpmcryptosmanagement.net jpmcryptosmanagement.com jpmcryptomanagement.com jpmcryptoinvestment.com 8.211.4.26 (AS45102 - Alibaba) https://app.any.run/tasks/c9e8fb6c-b85b-48f2-8679-e1efe3d7ea9f/# https://twitter.com/BushidoToken/status/1398393756911550473/photo/1
-
[2021-05-27 12:28:59] @yvesago #phishing s://dgco-store.com/MN/adobepdf/adobepdf.php ping @malwrhunterteam @Spam404 @PhishStats https://twitter.com/yvesago/status/1397786894331789316/photo/1
-
[2021-05-21 23:42:53] @benheise It looks like this one has 0 detections for it. Is it totes normal for a PDF to be 40MB in size. to use GetProcAddress to get some locations from kernel32.dll. check if a debugger is present. and then use SetWindowsHookExW right? https://www.virustotal.com/gui/file/4f0f419cde9faf3e33ee0eb8fdfadde0e2ddc419a8a7c11edf103f936ef0494a/behavior https://twitter.com/IntelTechniques/status/1395526885862371329
-
보이스피싱, 불법촬영물, 랜섬웨어, 사이버 안보위협 등에 관련된 사안의 경우 다음과 같은 기관 및 단체의 도움을 받을 수 있습니다. 노모어랜섬(No More Ransom) 경찰청 사이버범죄 신고시스템 국가정보원 민원센터