Overview

overview

4

Static

static

4

Arcbest Ex...7 .pdf

windows7-x64

1

Arcbest Ex...7 .pdf

windows10-2004-x64

1

HTTP API D...2.html

windows7-x64

1

HTTP API D...2.html

windows10-2004-x64

1

quotes req...a.json

windows7-x64

3

quotes req...a.json

windows10-2004-x64

3

quotes res...a.json

windows7-x64

3

quotes res...a.json

windows10-2004-x64

3

tracking model.json

windows7-x64

3

tracking model.json

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    requiresanalysis.zip

  • Size

    583KB

  • MD5

    4e6313f7ddc530b1cf1bb093ac3ca569

  • SHA1

    686c95e8e8e17821c7cc8975f92acefad714d793

  • SHA256

    5e64e8b5843b9956c3ff18a8b0ddab0346041a4def12b042179b3d34572da149

  • SHA512

    5b6995c5b1199be393eb446de3365e9aef7847a73529570e05dbee16b9d6300c1ea7548d9184408134034fc4ec398d34c10150446c090ea7bcef219f41b76f66

  • SSDEEP

    12288:bwsgrr5gialfce3hkz5Nvkj51qJI1CikRR8NSSkoNLZXaTT1OE+T/oS:EbJghce2r76xkRRGSSkoNJwT1OE+T/oS

Score
4/10
pdflink

Malware Config

Signatures

  • HTTP links in PDF interactive object 1 IoCs

    Detects HTTP links in interactive objects within PDF files.

    pdflink
  • One or more HTTP URLs in PDF identified

    Detects presence of HTTP links in PDF files.

    pdflink

Files

  • requiresanalysis.zip
    .zip
  • Arcbest Expedite Customer Quoting Booking API 2023.4.17 .pdf
    .pdf

    • https://api.arcb.com/expedite/customer/authorize

    • https://api.arcb.com/expedite/customer/quotes/booking-request/expedite

    • https://test.api.arcb.com/expedite/customer/

    • https://api.arcb.com/expedite/customer/authorize.

    • http://arcb.com

  • HTTP API Definition2.html
    .html .js
  • quotes request schema.json
  • quotes response schema.json
  • tracking model.json