PDF Analysis

An employee has received a suspicious email:


From: [email protected]

To: [email protected]

Subject: Critical - Annual Systems UPDATE NOW

Body: Please do the dutiful before the deadline today.

Attachment: Update.pdf

Password: letsdefend


The employee has reported this incident to you, the analyst, and has also forwarded the attachment to your SIEM. They mentioned that they did not download or open the attachment because they found it very suspicious. They want you to analyze it further to verify its legitimacy.


File Location: C:\Users\LetsDefend\Desktop\Files\PDF_Analysis.7z

Password: infected


This challenge was prepared by @DXploiter


Walkthroughs:

LetsDefend — PDF Analysis Challenge Walkthrough

Malware Analysis - PDF Analysis

Challenge | LetsDefend - PDF Analysis

LetsDefend.io — PDF Analysis writeup

PDF Analysis - A LetsDefend Challenge

LetsDefend pdf-analysis challenge writeup