General

  • Target

    DBX0603983_pdf_PW_infected.zip

  • Size

    140KB

  • MD5

    f0d6a41650acdcee32a445169a67e66e

  • SHA1

    3fd1ae9e03f10321ea1fae3ffce70f657204c52f

  • SHA256

    cbbb2f724aa769ac8af78280459fab1301484cf1d360a43d98ec65b164cbc061

  • SHA512

    a97b34adae7f0c00580942c506ecf658b98b5fff547d2c4338b38020bbf142d438d010abeb9a407adb3dc8fc4a99ea96cc60241acb782a065d5e4c21fb041b0a

  • SSDEEP

    3072:Jz80UobWHxR6/kEJpskmuzOnTu4UYZR6IgbsxmSvqbWtQ3Do/01zd:J40UWWecuyu4TKYR6HbWtQ3D4Gzd

Score
3/10

Signatures

  • One or more HTTP URLs in PDF identified

    Detects presence of HTTP links in PDF files.

Files

  • DBX0603983_pdf_PW_infected.zip
    .zip

    Password: infected

  • DBX0603983.pdf
    .pdf
    • https://mybill.dhl.com/hawb/ext/DHL%20CH/DHL%20Express%20Switzerland/IBS%2B/DBX0603983/6461955710/

    • http://vatquery.ch

    • http://dhl.com

    • https://e-dec-web.ezv.admin.ch/edecZugangscodeGui'vous

    • http://www.edec.ch

    • http://www.estv.admin.ch

    • http://www.bazg.admin.ch