General
-
Target
f6be907ce6e89850a46705a5b8be2e7ca9f4dc2d2cc800ee6fbdca632ea183f9
-
Size
342KB
-
MD5
24e67f40ccb69edb88cc990099ef2ffe
-
SHA1
d76b4b51ec6dbaa5b8a2e7ce3e12cf38fff02cf5
-
SHA256
f6be907ce6e89850a46705a5b8be2e7ca9f4dc2d2cc800ee6fbdca632ea183f9
-
SHA512
2ee6cc4a676accd386a58720dd8af6d440b6bc68c2d7c8073a7c7179c0ffcbc4212c0abb19efc33010fe1cfe49340efbc531c3d8fe1135245bf411240e2bda76
-
SSDEEP
6144:Hxfj8Pn+mxlm/GTKkGFFceq5a24Pz7rMYgqk2y3jMhk9p1dWL+JD0srtft8kSRuS:RfO+Mlm/hvvqI9MRqa3jMetdY8UkSoNk
Malware Config
Signatures
-
HTTP links in PDF interactive object 1 IoCs
Detects HTTP links in interactive objects within PDF files.
-
One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
Files
-
f6be907ce6e89850a46705a5b8be2e7ca9f4dc2d2cc800ee6fbdca632ea183f9
-
https://we.tl/t-hSqtTJDi1f
-
https://we.tl/t-E1iDs5Bghr
-
https://jtcqatar-my.sharepoint.com/:f:/g/personal/romy_delavina_jtc-qa_com/EnHcou7_1HFIvjYwJtIOcGsBpC50mSv_4T8zXnajb8dO4w?e=HBcv7N
-
http://romy.delavina.jtc.qa
-
http://tuta.io
-