General

  • Target

    Boarding passes-04 jul..pdf

  • Size

    3.2MB

  • MD5

    6216a92ba9549a8c25aff6231e82c256

  • SHA1

    58a6b07fed7dfbd58152e7f89d7f672947aad047

  • SHA256

    10fd3e895081fd483bcf10a790b0362286d52887050ceeea9cb76c2384ebd1e0

  • SHA512

    7874566cb13abc662aaa89b0ff796ac2a1c6604fea0a773e702388df1765019bc430c6fa5d4f973cc31ddc6d65598e904dfdeb97e26c3770601fe2f263a7a310

  • SSDEEP

    98304:T8e53H8e53MR8e53I8e53L8e53gF8e53F8e53Og8e53N:YlbGytwxlJI

Score
6/10

Malware Config

Signatures

  • PDF contains JavaScript

    Detects presence of JavaScript in PDF files.

  • One or more HTTP URLs in PDF identified

    Detects presence of HTTP links in PDF files.

Files

  • Boarding passes-04 jul..pdf
    .pdf

    Password: no

    • https://api.whatsapp.com/send?phone=31206490787

    • https://www.messenger.com/t/KLM

    • https://bcrw.apple.com/urn:biz:4bf38c33-519a-49ab-a41d-c1311293f3c5

    • https://www.klm.se/exchange/inbound/broker?target_id=635dcb60-85b8-4e2c-83ff-766dc034a246