PDF Analysis
An employee has received a suspicious email:
From: [email protected]
Subject: Critical - Annual Systems UPDATE NOW
Body: Please do the dutiful before the deadline today.
Attachment: Update.pdf
Password: letsdefend
The employee has reported this incident to you, the analyst, and has also forwarded the attachment to your SIEM. They mentioned that they did not download or open the attachment because they found it very suspicious. They would like you to analyze it further to verify its legitimacy.
File Location: C:\Users\LetsDefend\Desktop\Files\PDF_Analysis.7z
Password: infected
This challenge was prepared by @DXploiter
Walkthroughs:
LetsDefend — PDF Analysis Challenge Walkthrough
Malware Analysis - PDF Analysis
Challenge | LetsDefend - PDF Analysis
LetsDefend.io — PDF Analysis writeup