9/20/2023

Malicious pdf sample

While we are still waiting for the patch and the malicious PDFs which exploit CVE-2009-4324 become more and more nasty, here's another quick excursion in dissecting and analyzing hostile PDF files. We'll take a closer look at the sample that fellow ISC Handler Bojan already analyzed, but will this time do a static analysis without actually running the hostile code.

ฤก92829aa8018987d95d127086d483cfc Requset.pdf

One of the tools that work very well to analyze PDFs is Didier Stevens' excellent script "pdf-parser.py". Running pdf-parser.py -f Requset.pdf | more nicely dissects the PDF into its portions, and also de-compresses packed sections.

Almost at the end of the output, we encounter Object #44:

The code is included here as an image, to keep your anti-virus from panicking.