OneDrive_2022-09-28[.]zip | Triage

Sharing

General

Target

OneDrive_2022-09-28.zip
Size

133KB
MD5

d6231fdc8662e8d4685b53be4da7a11e
SHA1

bb0962862c4f24df9c674b13a159cc63638000e6
SHA256

aeacdc0eb160394c8a2514de2f40d0d7cc1dc3bb4149f0cbb3b98702f0be7617
SHA512

844e2e56d28e1ba1df1aad06b64a2007208259240e128de6527b7b5fe50200d69fc07e1a2b8d9ee624baa91ed17a0951bffcc1d77c833fd07e0e12ed2e87d8e8
SSDEEP

3072:tX3k/DThLmub1qPU0lmnNQq73bFjPCOMzXdokAJMJ:tX3APJmu5xzNQabtP3MJpUq

Score

4^/10

pdf link

Malware Config

Signatures

HTTP links in PDF interactive object 2 IoCs

Detects HTTP links in interactive objects within PDF files.

Processes:

resource	yara_rule
sample	pdf_with_link_action
static1/unpack001/Bid Document for Howe Independent School District/Bid Document for Howe Independent School District.pdf	pdf_with_link_action

One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
pdf link

Files

OneDrive_2022-09-28.zip
.zip
Bid Document for Howe Independent School District/Bid Document for Howe Independent School District.pdf
.pdf
- https://bafybeieasltqt2qiuj6t3jcbyvpj23jx666pgg5myyf63ttae57uroo4mm.ipfs.w3s.link/onedrive%20%282%29.html
- https://objectstorage.eu-frankfurt-1.oraclecloud.com/n/frbmak8io5xv/b/cloud-space/o/onedrive.html