10479241101[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

10479241101.zip
Size

1.3MB
MD5

160576e36fbd1e674f15e76c6a5fb9bb
SHA1

fe6ab098d3af4562f88437ff1684500322ca5857
SHA256

7b42d38384a23997dbdfb612500a85cda2a990baed94ee6955d612b8d7580eca
SHA512

403201c6964a7d7461af44e8b871028b3afee829533e7a42348bf8c690c7ec58b4ea06893bdebf74fafc55a54406be259c80ba0db04593fd1a7d0a457087317f
SSDEEP

24576:yqUP9JSfrMfA+xh3bRTtyt8VKDh5gAfQWoW6o0UeKqrd:kPPSDMf5r3JtytYWqbWoZo0yKd

Score

6^/10

pdf evasion link

Malware Config

Signatures

Malformed or missing cross-reference table in PDF
Malformed or missing cross-reference tables are often used to evade detection
pdf evasion

HTTP links in PDF interactive object 1 IoCs

Detects HTTP links in interactive objects within PDF files.

resource	yara_rule
static1/unpack001/8762bd7e0facf8cbfa0e8710d7f2a417d43d946d22b0d7eecb3942569ce57fc0	pdf_with_link_action

Files

10479241101.zip
.zip

Password: infected
8762bd7e0facf8cbfa0e8710d7f2a417d43d946d22b0d7eecb3942569ce57fc0
.pdf .macho macos