General

  • Target

    tmp

  • Size

    94KB

  • MD5

    aae1590cbfe55f597232a6590c6429f3

  • SHA1

    d9ac2ae796ca42fffc8a0ffd4375d67f100c0692

  • SHA256

    2912ad50dbdcb88b1764c138190845fc54ff5cd21a3a39a475c44f88e8e81a1b

  • SHA512

    1967057a74a1328f6767cf7372ba821bf78825427c733c7ba0ca104dd6b0f45f7c928e712735e6539f27eab3e6581ed94da618740200ae013cd8675d2c4cc7f7

  • SSDEEP

    1536:wxYcCcTvaSmLg8jse7rWR1EVBFKyyjx6ukoE+nLOSHDJ6e+uP6YfljlrJYn3sR8:wxpCcTmL4eP+EI/IIOkDJ6e3rljlrJSn

Score
4/10

Malware Config

Signatures

  • HTTP links in PDF interactive object (1 IoC)

    Detects HTTP links in interactive objects within PDF files.

  • One or more HTTP URLs in PDF identified

    Detects presence of HTTP links in PDF files.

Files

  • tmp
    .pdf
    • https://github.com/leeberg/CashCatRansomwareSimulator/releases

    • https://www.dropbox.com/dropbox

    • https://learn.microsoft.com/en-us/azure/storage/blobs/storage-blob-python-get-started?tabs=azure-ad

    • http://github.com

    • http://RanSim.ps

    • https://gallery.technet.microsoft.com/scriptcenter/EncryptDecrypt-files-use-65e7ae5d