20230808 suspicious email[.]zip

General

Target

20230808 suspicious email.zip
Size

157KB
MD5

3c28d293c6153cf1f535f9df0ded5517
SHA1

3090a4bd22f3c41cca1126c889cfe0c336a1e9e8
SHA256

a74f74871cbe2ea9b4d90b7515bcb21c44846636e2a69ce9da5e030a5576162a
SHA512

8681d6fead62c6d411137545b4c4cbd2fd9610847a3d906d9025d7e1f71f9913f605f93f925bd133a80e51b2a46a18e252a7ca9df1b4f31aa54c0c5708aa2f5c
SSDEEP

3072:C72z+bzL0HVs9kvldpmhBc1F/kZxBbwlKo43Ei1TKY9A6Sqntx4jslr:C77L2rIhBc1F/2fwlKo43Ei1TAgisd

Score

4^/10

pdf link

HTTP links in PDF interactive object 2 IoCs

Detects HTTP links in interactive objects within PDF files.

resource	yara_rule
static1/unpack001/Classification ; CWP003084609 K-Tech Suspension.pdf	pdf_with_link_action
static1/unpack003/Classification ; CWP003084609 K-Tech Suspension.pdf	pdf_with_link_action

One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
pdf link

20230808 suspicious email.zip
.zip

Password: N5e7LGvqgP8eSA
Classification ; CWP003084609 K-Tech Suspension.pdf
.pdf
Password: N5e7LGvqgP8eSA
- https://anthonys-organization-1.gitbook.io/k-tech-suspension/
Classification ; CWP003084609 K-Tech Suspension.msg
.msg .pdf
Classification ; CWP003084609 K-Tech Suspension.pdf
.pdf
Password: N5e7LGvqgP8eSA
- https://anthonys-organization-1.gitbook.io/k-tech-suspension/