Overview

overview

6

Static

static

6

DIS_75999812.pdf

windows7-x64

1

DIS_75999812.pdf

windows10-2004-x64

4

~WRD0000.jpg

windows7-x64

3

~WRD0000.jpg

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    FW Completed Scanned PDF From Staples.msg

  • Size

    192KB

  • MD5

    107e6a8aeec5c213469b0a74aaa2ae11

  • SHA1

    8983396b1bb399dad94f2ed8b0e120ff193cab91

  • SHA256

    96e1447d108d355c3ac05a4e32157cf9797942aff56c2ba409e45bcbee1d720d

  • SHA512

    410ee25e2e33fe6af838006398df26c0601f3aef966905961c7c87cd64eadaa96d0fe1bfa6bbcf27f1fa13a85f636d2907de59c25ec5f277918bdc31ddd5b37c

  • SSDEEP

    3072:qwLKY7eZ7bBd/zLdy38AU+1SBU+wT3KUBm:qCNeZ7bBJ1AUKshwT3

Score
6/10
pdfevasion

Malware Config

Signatures

  • Malformed or missing cross-reference table in PDF

    Malformed or missing cross-reference tables are often used to evade detection

    pdfevasion

Files

  • FW Completed Scanned PDF From Staples.msg
    .msg

    • https://webconference.protected-forms.com/XV2tsYVRuUnVVRXd5UlhSNGRDOU5PV1JxVm1wSFlucEtaVGM1UnpGc2JrVkNiazVXUW5WblVIQldXbFJ4V1UxUlFsaHNiRGRZYWs5emFpc3daRUZZZUcwMWJEVnhRMUV6T0hCS09UbFVjRE5WTjJjNVVsTnBaMDFQUWtveldGUlBNRE12VG1OdFZsaERaMW8yVWs1T00yY3JkVlJ4UW5GWEwzUnhURFp0VFhsS1dYbHlWMnB5WkVwSlNrRjRlRXBqYzBGbmFrcGtUVGhwVFc5MVUzQlBXVVUzUVhCbkwwVlhkRGw1YzI5SGJ5dDJjalp5U2tkWU5sbDFPWHB2VFVSWFRWTllWbTl5Y1VJeE5HeHZjMGQ2TUd3elJWZFRkejA5TFMxNk5qWXZhSEJxS3k5TlVTOXRMMFZqWVRBeVMydG5QVDA9LS1iMzA3MDIzYjYyYWM0MTZmMmNhY2U4ODc2Yjk3ZDc3YmIwNDIzODhj?cid=1591852759

    • http://lockesupply.com

    • http://staples-orders.net

  • DIS_75999812.pdf
    .pdf
  • ~WRD0000.jpg
    .jpg