General
-
Target
ef1cfae99eff44110eaccd9ea245c131f54758d71f75dc1c5ab5b4279a37a0c8.zip.zip
-
Size
3.8MB
-
MD5
53aa0f2f63a9a237e6cd3a2594a15cca
-
SHA1
b3fb272b756bbb9f678f40f137ccd1f4fcafbcd5
-
SHA256
2f5654ca2857be2e31d0ff262b31202e66c5b2da872c0845111c9c5a4d6f7218
-
SHA512
d49d0f9fdf9643e68da7661d8b9110e9d3bd56a115eb54a08334c7b10f9dbbbf36de51b3205ba1f40f162dfa9e1def020d324d8251cf45a7a3a7d8b7e3771c4f
-
SSDEEP
98304:IOMA4TUHZofemRDZvtwRc/x8mAs6ri18I2BzXSnq0:I5A4B9FtpmsO820X
Malware Config
Signatures
-
HTTP links in PDF interactive object 1 IoCs
Detects HTTP links in interactive objects within PDF files.
-
One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
Files
-
ef1cfae99eff44110eaccd9ea245c131f54758d71f75dc1c5ab5b4279a37a0c8.zip.zip
Password: infected
-
ef1cfae99eff44110eaccd9ea245c131f54758d71f75dc1c5ab5b4279a37a0c8.zip
-
فعالیت در شرکت روباتیک پاسارگاد.docx
-
فعالیت در شرکت روباتیک پاسارگاد.pdf
-
http://www.crosdsl.com/
-
http://www.google.com
-
http://www.yahoo.com
-
http://www.cnn.com
-
http://vnsc-pri-dsl.genuity.net
-
http://www.l.google.com
-
http://www.yahoo.akadns.net
-
http://post-querycgi-binwww.bigcompany.com
-
http://www.bigcompany.com/staff/ali.htmgetHTTPGet/staff/ali.htm/1.0
- Show all
-