COMPENSATION_FUND[.]PDF | Triage

Sharing

Copy URL Twitter E-mail

General

Target

COMPENSATION_FUND.PDF
Size

458KB
MD5

6481b796ea1134146ed9a6de64029223
SHA1

9468ec19cf80ba9e34541b3b6c0e73c5b8c2de89
SHA256

0e83523df91eb7605e8000571dd9a2aff05975c932cc6df4fb3efe74ca08a4cc
SHA512

d49bf2d7c2b39f4081aa2e20147106e0a7e5f07d3eee78435f82bb2dcc4379fdbb7ee998285c24842bf736efb8591dcd7a14bcb9737b60bbadcb8ad3c3302698
SSDEEP

12288:qmhxLb+OmhDL7VF/zNBiS+RSCiq8H/yVx6Mp8oazMvHcVHBd:qmhJbluDL5JavZ8f4p8kvHc1

Score

4^/10

pdf link

Malware Config

Signatures

HTTP links in PDF interactive object 1 IoCs

Detects HTTP links in interactive objects within PDF files.

resource	yara_rule
sample	pdf_with_link_action

One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
pdf link

Files

COMPENSATION_FUND.PDF
.pdf
- https://www.google.com/imgres?imgurl=https://edinburghinternationalcareers.files.wordpress.com/2013/12/un.png&imgrefurl=https://edinburghinternationalcareers.wordpress.com/2013/12/04/un-virtual-careers-fair-10-december/&tbnid=bZ7cXypn2CxCiM&vet=10CAMQxiAoAGoXChMIkIGKlarK6AIVAAAAAB0AAAAAEAY..i&docid=kjpbq93NnRaISM&w=254&h=199&itg=1&q=un logo&ved=0CAMQxiAoAGoXChMIkIGKlarK6AIVAAAAAB0AAAAAEAY
- https://www.google.com/imgres?imgurl=https://pbs.twimg.com/media/EvpQmViXAA0hGKa.png:large&imgrefurl=https://twitter.com/tigraionline/status/1367494090686881793?lang=zh-Hant&tbnid=ZXJ59ECLrhzzEM&vet=10CAMQxiAoAGoXChMIsPjctJzb-AIVAAAAAB0AAAAAEAY..i&docid=AP_Wlgi2yn8VoM&w=1600&h=1600&itg=1&q=united nations logo&ved=0CAMQxiAoAGoXChMIsPjctJzb-AIVAAAAAB0AAAAAEAY
- https://www.google.com/imgres?imgurl=https%3A%2F%2Fpbs.twimg.com%2Fmedia%2FEvpQmViXAA0hGKa.png%3Alarge&imgrefurl=https%3A%2F%2Ftwitter.com%2Ftigraionline%2Fstatus%2F1367494090686881793%3Flang%3Dzh-Hant&tbnid=ZXJ59ECLrhzzEM&vet=10CAMQxiAoAGoXChMIsPjctJzb-AIVAAAAAB0AAAAAEAY..i&docid=AP_Wlgi2yn8VoM&w=1600&h=1600&itg=1&q=united%20nations%20logo&ved=0CAMQxiAoAGoXChMIsPjctJzb-AIVAAAAAB0AAAAAEAY
- http://protonmail.com