Overview

overview

8

Static

static

4

[email protected]

windows7_x64

1

[email protected]

windows10_x64

1

[email protected]...__.pdf

windows7_x64

1

[email protected]...__.pdf

windows10_x64

1

[email protected]...?.docx

windows7_x64

4

[email protected]...?.docx

windows10_x64

1

[email protected]...?.docx

windows7_x64

4

[email protected]...?.docx

windows10_x64

1

[email protected]...?.docx

windows7_x64

4

[email protected]...?.docx

windows10_x64

1

[email protected]...??.pdf

windows7_x64

1

[email protected]...??.pdf

windows10_x64

1

[email protected]...??.exe

windows7_x64

8

[email protected]...??.exe

windows10_x64

8

[email protected]

windows7_x64

1

[email protected]

windows10_x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    001f329a99a84175ebadb671170482baeef0338807e93f399825381e58807f37

  • Size

    13.3MB

  • MD5

    a51b70082ee587572c3041419197183b

  • SHA1

    99914ccc6bae56f25f2007091989dfd8dec568e1

  • SHA256

    001f329a99a84175ebadb671170482baeef0338807e93f399825381e58807f37

  • SHA512

    51a221bd2488ff58916647a3bd0bf0a8a0e6a35a2797d64f507567dcfe2148065584821bfd96324491c9e3ffa709e831a7e9634b78b0e305a5b5e98f1ec218d1

  • SSDEEP

    393216:09IOPvM8/PixwUysbti6XMnTShWWErzc5eSgpHjJOrw:Lkv96JRi6ITSIhrzc51MtOM

Score
4/10
pdflink

Malware Config

Signatures

  • HTTP links in PDF interactive object 1 IoCs

    Detects HTTP links in interactive objects within PDF files.

    pdflink
  • One or more HTTP URLs in PDF identified

    Detects presence of HTTP links in PDF files.

    pdflink

Files

  • 001f329a99a84175ebadb671170482baeef0338807e93f399825381e58807f37
    .zip
  • [email protected]/0001202110250033.pdf
    .pdf
  • [email protected]/20_10_2021_01_6101_21____________________________.pdf
    .pdf
  • [email protected]/??? ?? ??????????.docx
    .docx office2007
  • [email protected]/?????? ? ????????????????? ?? ????? ?? ???????.docx
    .docx office2007
  • [email protected]/?????? ? ??????????????? ?? ????? ?? ???????.docx
    .docx office2007
  • [email protected]/???????? ?? ????????? ???????????? ??????.pdf
    .pdf
  • [email protected]/????????? ??? ??????????? ???????? ? ??????????? ???????? ???????????????.exe
    .exe windows x86

    3eaa732d4dae53340f9646bdd85dac41


    Code Sign

    Headers

    Imports

    Sections

  • [email protected]/BMP-13.pdf
    .pdf

    • https://roszdravnadzor.gov.ru/services/misearch

    • http://www.rasudm.org/

    • https://www.covid19-druginteractions.org/

    • https://www.rosminzdrav.ru/ministry/med_covid19

    • http://far.org.ru/newsfar/496-metreccovid19

    • https://minzdrav.gov.ru/ministry/med_covid19

    • https://grls.rosminzdrav.ru/Grls_View_v2.aspx?routingGuid=d494c688-0bc6-4c30-9e81-23f043ceb43e&t

    • https://grls.rosminzdrav.ru/Grls_View_v2.aspx?routingGuid=be951906-cc2c-40ff-af19-30edb36c68ad&t=

    • https://grls.rosminzdrav.ru/Grls_View_v2.aspx?routingGuid=d8f07c35-7edc-49ab-8647-6b6865449167&t=

    • Show all