Overview

overview

6

Static

static

NO ABRIR.rar

windows7-x64

3

NO ABRIR.rar

windows10-2004-x64

3

NO ABRIR/A...7.html

windows7-x64

1

NO ABRIR/A...7.html

windows10-2004-x64

1

NO ABRIR/E...28.msg

windows7-x64

6

NO ABRIR/E...28.msg

windows10-2004-x64

3

NO ABRIR/E...47.msg

windows7-x64

6

NO ABRIR/E...47.msg

windows10-2004-x64

3

NO ABRIR/F...f.html

windows7-x64

1

NO ABRIR/F...f.html

windows10-2004-x64

1

NO ABRIR/N...n.xlsx

windows7-x64

1

NO ABRIR/N...n.xlsx

windows10-2004-x64

1

NO ABRIR/O...r .msg

windows7-x64

6

NO ABRIR/O...r .msg

windows10-2004-x64

3

NO ABRIR/O...a.xlsx

windows7-x64

1

NO ABRIR/O...a.xlsx

windows10-2004-x64

1

NO ABRIR/desktop.ini

windows7-x64

1

NO ABRIR/desktop.ini

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NO ABRIR.rar

  • Size

    609KB

  • MD5

    496226b100a4d87ae6a667f74e6653cf

  • SHA1

    f96d69175782b0e053ce790ed0954c08b35c8ba0

  • SHA256

    41a17ef940860c7ecc486581cc0ca9702fc264fbc2845c2c3b386b81c9b19150

  • SHA512

    8b2616c7dab05d0d86d2644fa9ed0b56991f1fb706399821fdabf9ffeb994ed0340850efd23aca39d6815927544d73b96c4a9e959097bb35188ab10e83a58359

  • SSDEEP

    12288:bQinGhWZbL6GVMSWn3LkFOdRs9tgsLmWDkds7X9OPxNCUla1ydX9O:bQirbLPVbWn3DdRs8WDUsj9OPxU1yJ9O

Score
N/A

Malware Config

Signatures

Files

  • NO ABRIR.rar
    .rar
  • NO ABRIR/AUTORIZACION1995324BM7.html
  • NO ABRIR/Envio del comprobante fiscal - N6428.msg
    .msg

    • http://2Fhref.li

    • https://clevert.com.br/lib/ckeditor/plugins/smiley/images/envelope.

    • https://clevert.com.br/lib/ckeditor/plugins/smiley/images/envelope.png

    • https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&ved=0ah

    • https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&ved=0ahUKEwiox4G89PPRAhUk_4MKHbtpC0MQFggbMAA&url=https%3A%2F%2Fhref.li???https://marfron.com&usg=AFQjCNH0ADPaWjUYm_5iDZNEJOVi-eOwxQ&sig2=0g1dyK1SEobIpzDAcrsDoA

    • http://marfron.com

  • NO ABRIR/Envio del comprobante fiscal - N7547.msg
    .msg

    • http://2Fhref.li

    • https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&ved=0ah

    • https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&ved=0ahUKEwiox4G89PPRAhUk_4MKHbtpC0MQFggbMAA&url=https%3A%2F%2Fhref.li???http://vps-685b50c3.vps.ovh.net/CFDI2306/SFDI230921.html&usg=AFQjCNH0ADPaWjUYm_5iDZNEJOVi-eOwxQ&sig2=0g1dyK1SEobIpzDAcrsDoA

    • http://vps-685b50c3.vps.ovh.net/CFDI2306/SFDI230921.html&usg=AFQjCNH0ADPaWjUYm

  • NO ABRIR/Factura-8118980.pdf.html
    .html
  • NO ABRIR/Nuevo orden.xlsx
    .xlsx office2007
  • NO ABRIR/Operacion SPEI-6279 a tu favor .msg
    .msg

    • http://2Fhref.li

    • https://i.gyazo.com/0ace6471e8c4f508c246b30472527772.png

    • https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&ved=0ah

    • https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&ved=0ahUKEwiox4G89PPRAhUk_4MKHbtpC0MQFggbMAA&url=https%3A%2F%2Fhref.li???https://marfron.com&usg=AFQjCNH0ADPaWjUYm_5iDZNEJOVi-eOwxQ&sig2=0g1dyK1SEobIpzDAcrsDoA

    • http://marfron.com

  • NO ABRIR/Orden de compra.xlsx
    .xlsx office2007
  • NO ABRIR/desktop.ini