Behavioral task: behavioral1; Sample: Ariba Network_KR (Agent).pdf; Resource: win7-20220331-en
Behavioral task: behavioral2; Sample: Ariba Network_KR (Agent).pdf; Resource: win10v2004-20220331-en
Behavioral task: behavioral3; Sample: image002.png; Resource: win7-20220331-en
Behavioral task: behavioral4; Sample: image002.png; Resource: win10v2004-20220310-en
General
Target: 0401 SPAM MAIL.msg
Size: 1.9MB
MD5: 25b555ec62af6e01a25e0ab0d1b72e72
SHA1: ceee9ddb5757eacf24748d41f7a6b2f917a15df3
SHA256: ac150e2a3175a68f8d694026a177ba5cc3c649e51582f24aa9f62747baac6880
SHA512: 2b276ab0f5e3749c1c01c0730786028899165ced0692372084cfb778fd13437cb7f48717f5fba19e942e9a3eea08361f78f6584b725c38b1066460b3a781d1aa
SSDEEP: 24576:UpoLAXBeF6H2SQWlAv2I4NVMEelgMgQhWsZoYm/EjttZE47LbSALIw+QK5Tn:mvk6H2/W2K7R1+WEtX75LIgK5T
Malware Config
Signatures
HTTP links in PDF interactive object (2 IoCs)
Detects HTTP links in interactive objects within PDF files.
Processes:
resource yara_rule sample pdf_with_link_action static1/unpack001/Ariba Network_KR (Agent).pdf pdf_with_link_action
Files
0401 SPAM MAIL.msg.msg
  https://cpp-download-external-prd-388900360182-ap-northeast-2.s3.ap-northeast-2.amazonaws.com/banner/lgcns_banner.png
  https://cppm.singlex.com/public/painpointDirects/C998?mediaSource=EMAIL
Ariba Network_KR (Agent).pdf.pdf
  https://www.microsoft.com/ko-kr/edge
  https://www.mozilla.org/ko/firefox/new/
  https://www.google.com/intl/ko_kr/chrome/
image002.png.png