General

  • Target

    4787831772e898cd3ae2e690b8e5bc6e.zip

  • Size

    1.9MB

  • MD5

    2a1b23e7a8fc9ed411141b900a4ee021

  • SHA1

    d7131d4215a29f3ebbcab0d3a7fd6da03117ae51

  • SHA256

    b66d13e0fe8991125c1dba0e7e577e168a1fa585e8cbc3ba02ea795ea78fff04

  • SHA512

    b3cc209edf92efab7244bf4ea5960878cbe046045ca32110d58bf718e2529b59cbed85ee56c8a16a562fe42f823fddbfd62cd08b58908ba3e25aa4246551c9a7

  • SSDEEP

    49152:U+TXe5lt2C43uyJBZ67nsF5Dpe96WESo0BRMxbx:U+TudI3TOAF5AgWrR0bx

Score
3/10

Signatures

  • One or more HTTP URLs in PDF identified

    Detects presence of HTTP links in PDF files.

Files

  • 4787831772e898cd3ae2e690b8e5bc6e.zip
    .zip

    Password: infected

  • 4787831772e898cd3ae2e690b8e5bc6e
    .zip

    Password: infected

  • 1. Workmen policy - 15.09.2023.pdf
    .pdf

    Password: infected

  • 2. GPA CUMI valid 03.04.24.pdf
    .pdf

    Password: infected

    • http://gencon.cholams.com/configurator/UnderwrittingMasters/Reports/frmEmployeelist_Group_PA.aspx

  • 3.GPA Enrolled list valid till 3.4.24.pdf
    .pdf

    Password: infected