General
-
Target
EXCO_CA_CAM5_2023-08-31_19_23_17.760.zip
-
Size
174KB
-
MD5
45e340d977eeed505a1a9fecf9f6521d
-
SHA1
d921661bad8e7a96cdcafa721e1586a4c524bf2e
-
SHA256
dc7b8f802a22db50edfd437098ac17b4357da3ba3b7767e9a7f47e490407001a
-
SHA512
314b926a94d1c2ad84fe169527ef72e30ea75d47b7ec568ab595ea930e54998ee2eceae4d6ebad5a257f0160d130f8acc808d3b8c9b033a49688fbaa8dca1696
-
SSDEEP
3072:d6PgNA5pLnZYPR0Y2suSK9NJ6o/W+Yle2aqhjTfeyrA4tB/uzoot0e0LG5z6x:d6PYMjJ6o++VkZLV84tmF0eq
Malware Config
Signatures
-
One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
Files
-
EXCO_CA_CAM5_2023-08-31_19_23_17.760.zip
Password: ThreatFile1
-
Device/HarddiskVolume4/Users/camnx1.EXCOGLOBAL/AppData/Local/Packages/microsoft.windowscommunicationsapps_8wekyb3d8bbwe/LocalState/Files/S0/3/Attachments/CaseAMZ-9774529QOR0[6428].pdf
Password: ThreatFile1
-
https://trk.klclick3.com/ls/click?upn=a4-2FuST9bP4Jm13RgiBPuw5ijTFpGQffaJArgTilq1pWVlYOXq1CRdNJthztE33IHfPpKwLQJRjP5gvlCsCJZBA-3D-3DE6Ce_YT-2BgtM2gIoe0GzKRNjnJV-2FhDuZ5L4QzctHRVVR1psX8tjh07unMW0gUUub9NUCX8Ki4QtlhOH7j0B29VVl-2Fpric-2B2nH4Aw6kml4LonpruYs7ZjLSm-2FmRzKV0MeqCCrUkYO2xZJV2fuZpxgMPLVXqW0TVoZk2GGoE2sXDj-2FTgwDdOZe-2FTE2twUPPly3b3hXxzK1j68p11zQf6BvNW4Kqz-2BZ2hP1XvoDNym2PTqWVmoCPya3k-2FBWARyxQp5qD5vFTWftbH6Y-2Ba4w06Go-2BUXgMCXQfWxY4wBOdXyjS7uWbRSOw-3D
-
https://trk.klclick3.com/ls/click?upn=6ugFcrmXBqdF45uV9TpvmGJRgNXD7BSE-2FB3lJ01rsl9UpIjN1w0x28jjfj5LpscRvGfc_JfJWBKmSfNyOENkRkyryLTGdBi6VtbfbOiG-2BKUYKuNa61C2r0tPp6xQyT3l0jVTDv-2FDWlyJAR2FHuTLHfueo7JZMwkZkCur-2FdAN90Q3CWIV-2BGZT-2FI5jprCKRzsbXRMVgOV1ihzI6yK8CCEbhBowBkh4J1KKLtixxreT94FmdDR5lXlpLiLYLJAZhYUN-2FvIPuo74SGBOuPeSf3dIXNln-2FnFfXM1SJ1jswecKoxigR4JksC7YB9bvdTLUApm4ibWY5XejENXPhNeDFuq4IYuvVk9JqKzxFm1r8lLnRMPyyR3QCoKbHrh8Y1j-2FZAAX2bPu-2F
-
-
manifest.json