찾아줄게요
PPD 파일은 무엇입니까?
-
안녕하세요. 제 컴퓨터에서 PPD라는 파일을 찾았는데 이것이 무엇인지 잘 모르겠습니다. 알려주시면 감사하겠습니다.
-
PPD 파일은 Adobe Acrobat v.4.0, 포스트스크립트 프린터 정의 파일 규격 입니다. Adobe에서 배포한 파일인 것으로 보입니다. 2008-09-28 02:21:49에 처음으로 보고되었으며 2008-09-28 02:21:49에 마지막으로 보고되었습니다.
-
적절한 프로그램을 다운로드하여 PPD 파일을 열 수 있습니다.
-
Adobe Acrobat v.4.0, 포스트스크립트 프린터 정의 파일 규격
-
시그니처 정보가 없습니다.
-
연관 링크 #1: 첨부된 링크가 없습니다.
-
연관 링크 #2: 첨부된 링크가 없습니다.
-
-
[2021-07-06 06:17:36] @pollo290987 #Nitro #Ransomware Win32bit.exe 5a615891fcc57b57e9deffce6f559947 EXT: .givemenitro \AppData\Local\Temp\NR_decrypt.txt
-
[2021-06-18 13:36:08] @yvesago #phishing s://d095cd9f1ce74faa8cbb30946fa7d96e.svc.dynamics.com/t/r/6wM0y2Zd1XFuS7lRF4LM03LfbWc3nltZre8KcQWRvMs# = > s://47190562363616666829928951178859291162299116229.eu-gb.cf.appdomain.cloud POST to s://datacentral.cc/clienth-ec0285b2b4-5ab50f639680d58879 @malwrhunterteam https://twitter.com/yvesago/status/1405776324946366470/photo/1
-
[2021-06-05 19:33:48] @c3rb3ru5d3d53c #ASyncRAT #Malware #RAT ???? cc4d70fb2e3f396103092b883e23ddfa ???? servlaunch2.ddns.net:1667 Version: 0.5.7B Mutex: AsyncMutex_123hjgjasdasasd Install Folder: %AppData% Install File: "Chrome Browser.exe" https://www.virustotal.com/gui/file/3598fb722004b888990e465d4a36508e0d6eeffb7a6253d9c916d7054b430b7c/detection https://twitter.com/c3rb3ru5d3d53c/status/1401155291887149061/photo/1
-
[2021-06-04 20:41:56] @c3rb3ru5d3d53c #ASyncRAT #Malware #RAT ???? 1238f8f19efe32b2f7168caba8834bd4 ???? ooyeah-24044.portmap.io:22728 ???? Mutex: AsyncMutex_6SI8OkPnk Install Folder: %AppData% Install File: "Windows Security Notification.exe" https://www.virustotal.com/gui/file/f6f4e3772ac0e480939d5af16464ba425c44040e1f1ce6edb82591694d5e3f01/detection https://twitter.com/c3rb3ru5d3d53c/status/1400810049791053834/photo/1
-
[2021-06-04 04:37:38] @c3rb3ru5d3d53c #ASyncRAT #Malware #RAT ???? 84f86d2ec5abb3d52cf1963caaaff00f ???? RobinD3l-46206.portmap.host:46206 Mutex: AsyncMutex_6SI8OkPnk Install Folder: %AppData% Install File: Explorer.exe @pastebin: hxxps://pastebin.com/raw/hbwHfEg3 https://www.virustotal.com/gui/file/afc01f20e5c415f0c7270f0d20c2267dc5c9bce77fe8f63f2b54887adc1b4bc7/detection https://twitter.com/c3rb3ru5d3d53c/status/1400567376861700101/photo/1
-
[2021-06-03 20:44:39] @c3rb3ru5d3d53c #ASyncRAT #Malware ???? cdceebfd7445226dfffa990445e920f7 ???? snow-leopards.xyz:54984 Mutex: Mutex_NotMalware ???? Install File: "not malware.exe" Install Folder: %AppData% https://www.virustotal.com/gui/file/ec503a0e10888dfadfaa3716eb128b6dd7479fd708e45a181cba7c14e8ad59f9/detection https://twitter.com/c3rb3ru5d3d53c/status/1400448347027218432/photo/1
-
[2021-06-03 19:15:02] @c3rb3ru5d3d53c #ASyncRAT #Malware ???? 016a18feaff85bb20024e00cc572abf7 ???? mustafaxd-55088.portmap.io Mutex: AsyncMutex_6SI8OkPnk Version: 0.5.7B Install File: Windows Security Notification.exe Install Folder: %AppData% https://www.virustotal.com/gui/file/b00e0187b41d0a9d87290c73ffc1d2935fdace11b4629fc14e6e2e9589fcd837/detection https://twitter.com/c3rb3ru5d3d53c/status/1400425793738752005/photo/1
-
[2021-05-08 01:26:07] @h2jazi #Kimsuky #APT maldoc: 2021-04 KCNA.doc 622cb6a772b0034f741aa58a50f1155a2a4240021c929d90fbed4182877fa579 wscript.exe //e:vbscript //b C:\Users\admin\AppData\User\Microsoft\Templates\1589989024.xml http://www.mechapia.com/_admin/nicerlnm/web/style/list.php?query= 1 https://twitter.com/h2jazi/status/1390734706103234561/photo/1
-
[2021-05-07 00:17:43] @yvesago #phishing s://12288206a3714a5ca3a73c28b59ce967.svc.dynamics.com/t/r/5__vLjFt_wJ3n8nzoVtX7kJ3pl3R7LCOfpn5MHEavtQ#[email protected] redirect to s://40530867816691576557024.eu-gb.cf.appdomain.cloud Post to #opendir s://kxpresslogistics.com/k/ ping @malwrhunterteam @Spam404 @PhishStats https://twitter.com/yvesago/status/1390355104554012678/photo/1
-
[2021-05-05 16:21:54] @yvesago #phishing s://klwefnewofnewfonojewibfewifwkfewfnjewlnflwef.us-south.cf.appdomain.cloud/wywiioekftrrsrswerou979.php VIA p://atcomtrols.nakshatelier.com/ POST to s://cryptoglobalinvestment.net/wp-content/upgrade/ob ping @malwrhunterteam @Spam404 @PhishStats https://twitter.com/yvesago/status/1389872975818772482/photo/1
-
[2021-04-06 20:34:53] @aRtAGGI After a quiet period for the #RoyalRoad RTF builder it looks like development on the kit continues. L8ter 8.t Hello e.o! #China #APT Encoding Bytes - B0 74 77 46 C:\Users\<UserDir>\AppData\Local\Temp\e.o e.o|cd5db4214b7c71523134a2ef78444e1f https://www.virustotal.com/gui/file/774a54300223b421854d2e90bcf75ae25df75ba9f3da1b9eb01138301cdd258f/relations https://twitter.com/aRtAGGI/status/1379427391181889537/photo/1
-
[2021-03-22 23:25:06] @MichalKoczwara I dig a bit more here so from the admin console I noticed ldxex.pro <- looks like crypto exchange not sure if legit or not but defo is serving malware: https://www.ldxex.com/appDownload.html#/appDownload?1616425490539 https://www.virustotal.com/gui/file/db4b5063a34f6803cc5c5331bddd6ad85ed1a8f50cf1988fec41cd219080dfe1/detection https://www.hybrid-analysis.com/sample/db4b5063a34f6803cc5c5331bddd6ad85ed1a8f50cf1988fec41cd219080dfe1 https://twitter.com/MichalKoczwara/status/1374019312160280576/photo/1
-
[2021-03-22 23:18:22] @th3_protoCOL Low detected #CobaltStrike used in #MountLocker #ransomware attacks⛰️ C2 -> 139.60.161.68:61/fwlink Command -> "regsvr32.exe /i C:\Users\Default\AppData\wininit64.dll" ????: https://www.virustotal.com/gui/file/0a671d9d7ca62274e5e210813d02d860846baf59188e2a07522cd3a1cc3f9cc0/detection https://twitter.com/th3_protoCOL/status/1374017614666731534/photo/1
-
[2021-03-03 01:33:57] @p5yb34m #Trickbot .dll (rob21 botnet): ://metalin-cr.com/appdata/datafile.php .xls Sample: https://bazaar.abuse.ch/sample/5249e43b972f40a78393ddc43b32e444c5ff30bd068078e63112a9da85abfcd5/ .dll Sample: https://bazaar.abuse.ch/sample/cd1a99942b7a7e273ebf42e7435aeb7692fb90f38600a0282fa3ff605d9733e6/ Malware Config (C2s): https://tria.ge/210302-1r1rkzhbzx
-
[2021-02-27 02:02:23] @kenoschwalb @James_inthe_box @DFNCERT @ffforward @UWMadison @JAMESWT_MHT @VK_Intel @tbarabosch @malwrhunterteam @TimPhSchaefers @executemalware @malware_traffic All recent samples I've seen end up dropping %LocalAppData%\%username%.exe. which is harmless but promptly hollowed and replaced with https://www.virustotal.com/gui/file/4c260e70fcd54fd5b3353c21a99cf9f163978a38edcca9393c2c63b79784ab9b/detection
-
[2021-02-25 15:52:58] @ozuma5119 1/2 #Phishing ⚠#Google #fraud s://docs.google.com/document/u/6/d/e/2PACX-1vQdceefH1VmEVp-jL2wyeBRxmIFPPDyJMUi8mFs6-JFMlIpFTwkzz_Bo2nBpRsh6RZu7lHYC2KIjEKu/pub → s://losjes-events.nl/.block-chain/ with reCAPTCHA need SrcIP= JP Brand: Blockchain .com https://otx.alienvault.com/indicator/url/ https://losjes-events.nl/.block-chain/ https://twitter.com/ozuma5119/status/1364845830750957573/photo/1
-
[2021-02-24 11:37:03] @ozuma5119 1/2 #Phishing Alert⚠ #フィッシング #詐欺 s://docs.google.com/document/d/e/2PACX-1vTj_-LDjFUxvxSbW2yIvTtMKlHHWB0XalRXb_SxzUB7mvM23nXXvOr35_pPdLtnvLm7Bo8pC5oao0JN/pub → s://losjes-events.nl/.bit-flyer/ ‼️ with reCAPTCHA Brand: bitFlyer (Japan)???????? https://otx.alienvault.com/indicator/url/ https://docs.google.com/document/d/e/2PACX-1vTj_-LDjFUxvxSbW2yIvTtMKlHHWB0XalRXb_SxzUB7mvM23nXXvOr35_pPdLtnvLm7Bo8pC5oao0JN/pub https://twitter.com/ozuma5119/status/1364419038365949956/photo/1
-
[2021-02-19 01:19:29] @phishunt_io #NewPhishing | #phishing #scam ???? /facebook.com.marketplace-item18361-mobile.ppdautos.eu/ ???? 198.54.125.56 ☁ NAMECHEAP-NET ???? Sectigo RSA Domain Validation Secure Server CA https://twitter.com/phishunt_io/status/1362451686992863232/photo/1
-
[2021-02-17 16:34:42] @yvesago #phishing s://927939267368782.eu-gb.cf.appdomain.cloud POST to s://waveformtech.shop/sharep-ma-43f432c9b6fad8243f432c9e2/sharep-ma-43f432c9b6fad8243f432c9e2/sharep-ma-43f432c9b6fad8243f432c9e2.ph ping @malwrhunterteam @Spam404 @PhishStats https://twitter.com/yvesago/status/1361957230661275650/photo/1
-
[2021-02-13 03:58:06] @c_APT_ure Friday #MalwareChallenge What #malware family is this? https://bazaar.abuse.ch/sample/ab644490caafad91cfca11a9f402beabf6e32d2e5a5f9c976231148a539ae008/ Interesting file path? "\AppData\Local\Get_Cliboard_Address\" OSINT - Other samples: (related?) https://www.joesandbox.com/analysis/337608/0/html https://any.run/report/6907ae16e209b73c376cae2335d345d84b3046497152f74faa4c32e822ae84e8/ce94715a-66ec-4791-af81-99dc381a6634 https://twitter.com/c_APT_ure/status/1360317274205347841/photo/1
-
[2021-02-10 15:26:42] @yvesago #phishing s://wesunajjsklodjkajkweuoopldshanbcvqwsoplmnbvcxzasdfghjklo.eu-gb.cf.appdomain.cloud/?email= POST to #opendir s://protradekosova.com/all/ @smallorange hosting 174.136.14.72 ping @malwrhunterteam @Spam404 @PhishStats https://twitter.com/yvesago/status/1359403404020310023/photo/1
-
[2021-02-02 08:28:59] @GossiTheDog Hilariously.. Zerologon finally exploited with actions on target (outside dumping AD) on BluePot to deliver.. a coin miner. OBVIOUSLY. They dropped this bad boy: https://www.virustotal.com/gui/file/b041432c77858519a79f500f35de48362686f987d8fdfe5c6ab7f632fc468942/detection As C:\Users\Administrator\AppData\Roaming\plat\scvhost.exe
-
[2021-01-22 21:23:21] @ankit_anubhav Do we not care anymore about malware family names in static detection? ???? This malware literally drops the stolen keylogs in %APPDATA%\remcos\logs.dat yet nobody detects it with the name Remcos RAT. https://www.virustotal.com/gui/file/ce5255ff533d4d6af7b6947a6052127a9d04376bc59f0c47254fe1af1e8a3349/behavior
-
[2021-01-08 04:04:07] @yvesago #phishing s://mailboxvalidation.s3.us-east.cloud-object-storage.appdomain.cloud/mail_validation_system.html?alt= media&token= 516r37s6-t7uu-7ut4-t842-f5973f7746n8/#POST to s://deccanasia.in/logon.php ping @Spam404 @malwrhunterteam @PhishStats https://twitter.com/yvesago/status/1347272824994603008/photo/1
-
[2020-11-23 23:49:31] @h2jazi Maldoc associated to APT #Donot: - Drops embedded dll in APPDATA directory - Creates a bat file to execute the dll: rundll32.exe %AppData%\njhy65tg.dll. ajn54ty maldoc: d7c7a3a7f6f52b6f38419e2158ecce4b9e603f427258a49f9bcae61f104c10d4 C2: http://soundvista.club/sessionrequest https://twitter.com/h2jazi/status/1330901300406595586/photo/1
-
[2020-09-29 16:13:02] @ffforward Another @Microsoft product abused for #phishing. this time @MSFTDynamics365. *.svc.dynamics.com > *.appdomain.cloud @IBMcloud posts to /webvisor.us reg @Namecheap on @Cloudflare https://urlscan.io/result/cb5c920d-7300-412b-a35c-9db062478692/ cc @matthewgall @nullcookies @Spam404 @dave_daves https://twitter.com/ffforward/status/1310870187072258054/photo/1
-
[2020-07-30 23:07:52] @jcarndt Goooooood morning. #AgentTesla? URL ://www.epyorke.edu.bz//libraries/BankBankGG.exe Processes: BankBankGG.exe/svchost32.exe > AddInProcess32.exe Reg: Edit CurrentVersion\Run BisquitBank.exe File: C:\Users\admin\AppData\Roaming\BisquitBANK\BisquitBANK.exe https://app.any.run/tasks/c95a0fc4-4143-4e9c-9ff7-7805c709bfa3 …
-
[2020-07-15 18:19:46] @yvesago one more @IBMcloud #phishing s://7g4jzdl7bn7im3v7mdsl.us-south.cf.appdomain.cloud/? via @MSFTDynamics365 s://2892315232e342469ddd8529ecaed302.svc.dynamics.com/t/r/u6I29RKli72Netser6-514aXARt9V9NAfkAOhMSyOJY#@malwrhunterteam @Spam404 @PhishStats @Malwaredev pic.twitter.com/tIwGP0lomE
-
[2020-07-07 20:55:03] @yvesago #phishing on @IBMcloud s://10293482595861768368.us-south.cf.appdomain.cloud Post to #opendir s://abb.com.se/greatx4/ behind @Cloudflare ping @malwrhunterteam @Malwaredev @Spam404 @PhishStats pic.twitter.com/f5GcIXKLCv
-
[2020-07-04 04:44:28] @baberpervez2 #AgentTesla csps 2606202201.7z --> csps 2606202201.exe C:\Users\Administrator\AppData\Local\Temp\csps 2606202201.exe https://www.virustotal.com/gui/file/8a5de537b5521669ad97140e5d0681d33f050a6b5f3dac191a84219c27a3edf6/detection … https://www.virustotal.com/gui/file/5212951b8b96f0f8b90d469b7ed9e5af52b7152b3dc617abc3c39cbe606990ed/detection …
-
보이스피싱, 불법촬영물, 랜섬웨어, 사이버 안보위협 등에 관련된 사안의 경우 다음과 같은 기관 및 단체의 도움을 받을 수 있습니다. 노모어랜섬(No More Ransom) 경찰청 사이버범죄 신고시스템 국가정보원 민원센터