General
-
Target
93cf4cb8f3476b9150ab41d482924cd4f75abf47eb68ff0f8fe0498714073b89
-
Size
331KB
-
MD5
912dbb9e0400987c122f73e0b11876c0
-
SHA1
1e07979edbcc704a2da9338691aa3b27b37c0856
-
SHA256
93cf4cb8f3476b9150ab41d482924cd4f75abf47eb68ff0f8fe0498714073b89
-
SHA512
b007c70acabfa7cbe807f7c177ad99b0b95a1e8fce889c49689fa468f5ef82b2fadbfb7d3920997b9736ca7fcdc28cefff9cd2d5ca56857c94e7c2f4cfd0237d
-
SSDEEP
6144:GovnkkHuEse8Pn+mxXmxBivKJeU+cjZt0wTjl+mkLAZEoupr7zdZ:GovkHEW+MXmxBiCV+LwTjl+VLAZJm
Malware Config
Signatures
-
HTTP links in PDF interactive object 1 IoCs
Detects HTTP links in interactive objects within PDF files.
-
One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
Files
-
93cf4cb8f3476b9150ab41d482924cd4f75abf47eb68ff0f8fe0498714073b89
-
https://we.tl/t-aBUVx3EMdx
-
https://we.tl/t-NwSigkLd2E
-
https://jtcqatar-my.sharepoint.com/:f:/g/personal/romy_delavina_jtc-qa_com/EnHcou7_1HFIvjYwJtIOcGsBpC50mSv_4T8zXnajb8dO4w?e=HBcv7N
-
https://we.tl/t-aBUVx3EMdxen-GB
-
https://we.tl/t-NwSigkLd2Een-GB
-
http://romy.delavina.jtc.qa
-
http://protonmail.ch
-