General

  • Target

    344034d1c644fbbaf510106b98f01f7f55fdc20bfa8a93b66535eb9a55c8bc74.zip

  • Size

    255KB

  • MD5

    717876a0eba54d162d65429f528251f7

  • SHA1

    7939dcd450e0b3c379e73ce449b10432d47e05a8

  • SHA256

    2f1cc1e2eb21c5a241a75f5781280a6c33234c5b0e41318ad37b4ea80324d270

  • SHA512

    0eb2bda4738d7afd945d48c598d6478ffe50fd291e4ddae51fbb8a920318286b81b6998ae1fbbbd9c2951e52118ea8c8bb07a6a9fe7d75a5e350e54574f4618e

  • SSDEEP

    6144:nrcVWzOssyqTn2C5iINrQjKIE0sPrvrbtvgQCJY8u9t778Xnfq:4UzLin2C5iFZ+PrtvZYarmC

Score
4/10

Malware Config

Signatures

  • HTTP links in PDF interactive object (1 IoC)

    Detects HTTP links in interactive objects within PDF files.

  • One or more HTTP URLs in PDF identified

    Detects presence of HTTP links in PDF files.

Files

  • 344034d1c644fbbaf510106b98f01f7f55fdc20bfa8a93b66535eb9a55c8bc74.zip
    .zip

    Password: infected

  • 344034d1c644fbbaf510106b98f01f7f55fdc20bfa8a93b66535eb9a55c8bc74
    .msg
    • http://cittadini.it

    • http://exlabesa.com

    • http://www.cittadini.it

    • http://pec.cittadini.it

    • http://transferitnownow.com

  • Payment Copy#190922-001.pdf
    .pdf

    Password: infected

    • https://73cceb63-7ecd-45e2-9eab-f8d98aab177f.usrfiles.com/ugd/73cceb_5e75121c43a440b0b191ed7a59ac7eb9.pps

    • https://rebrand.ly/d6tbep8paymentcopy

  • image003.png
    .png
  • image004.jpg
    .jpg