original[.]eml[.]msg | Triage

Sharing

General

Target

original.eml.msg
Size

352KB
MD5

40c5d515e0c40aab0ca4cec3e075ef0d
SHA1

d2c6ac63b1ac4c2ffbf7150ccb3ceac04845a5c0
SHA256

538fb4b8aac841c90d051df1bd830e8d3c572cce3ed9dc5122e0afe35f987317
SHA512

d9e1c90d7f22f9ccf01b2b63e4b5ff0e662aa7f9bb334c7bbe187c18a802b56d13061ada07e71a5b30986d962b4af428267326eec5ba166aeb29ccc6d4486a4a

Score

8^/10

pdf link macro xlm

Malware Config

Signatures

Suspicious Office macro 1 IoCs
Office document equipped with 4.0 macros.
macro xlm

Processes:

resource yara_rule

sample office_xlm_macros

HTTP links in PDF interactive object 2 IoCs

Detects HTTP links in interactive objects within PDF files.

Processes:

resource	yara_rule
sample	pdf_with_link_action
static1/unpack001/Module 2.2 in Arts 3 .pdf	pdf_with_link_action

One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
pdf link

Files

original.eml.msg
.msg
ATT00001.txt
Module 2.2 in Arts 3 .pdf
.pdf
- http://visualartspdsf.blogspot.com/2012/02/organic-and-geometric-shapes.html
- https://online.maryville.edu/liberal-arts-degrees/the-art-of-color/
- https://graf1x.com/product/color-wheel-for-art-class-with-worksheet/