Behavioral task
behavioral1
Sample
TAU - 0934 Analysis Report on Suspicious Websites used for Investment Scam.pdf
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
TAU - 0934 Analysis Report on Suspicious Websites used for Investment Scam.pdf
Resource
win10v2004-20230831-en
General
-
Target
Analysis Report Suspicious Websites used for Investment Scam and Phishing URLs.eml
-
Size
336KB
-
MD5
5ad5ee6595e37c15e401e158450bf58b
-
SHA1
979fccdcdee73aecb67729ef387ba15e0a57bd08
-
SHA256
f3abf8fade6d60ca4c1a56368d48107e23ab317ae071cc7e4da938ee22dbd231
-
SHA512
9b97a5ef090f766f7b6381bb06fb141eb5b884240cdc8d4c5754fe12772c6d88a25efb50f7dcdd4f83dd2315bd943f71181c501b1e5955b64add7c900aab77eb
-
SSDEEP
6144:xVUVuHkUHstHCIsXsciBMFIdpwkCibhtP++zjNb:UV4kUMtHh6UJda2Npltb
Malware Config
Signatures
-
HTTP links in PDF interactive object 1 IoCs
Detects HTTP links in interactive objects within PDF files.
resource yara_rule static1/unpack001/TAU - 0934 Analysis Report on Suspicious Websites used for Investment Scam.pdf pdf_with_link_action
Files
-
Analysis Report Suspicious Websites used for Investment Scam and Phishing URLs.eml.eml
-
TAU - 0934 Analysis Report on Suspicious Websites used for Investment Scam.pdf.pdf
-
-
email-html-2.txt.html
-
email-plain-1.txt