General

  • Target

    99c16a1c507eee0c74d1867a7260b48b.zip

  • Size

    1.0MB

  • MD5

    c2703f4facce0e4f250f2c092e307ce5

  • SHA1

    c944a5eb5372af02a51d57674f4fc5eece01cc79

  • SHA256

    fa654e21ce19f7960effbff755c24f7bf788584aeaa697a7d68106f8c85262c2

  • SHA512

    503d2d51f1fa87eb2c79bec9db00663a6ca9affe82887ba10cf2931118203ab9e25c557a86cc8ec41aa3ba6f1316a59199ef3a77d294b2ae6be046bc30529af3

  • SSDEEP

    24576:CxbpRa6Tx2BpaKBd69RusCB51osBfvi1ONVVQcdQDRzq6:CxbjT2BpaCdKAf1P3oONLQcMFf

Score
4/10

Malware Config

Signatures

  • HTTP links in PDF interactive object (1 IoC)

    Detects HTTP links in interactive objects within PDF files.

  • One or more HTTP URLs in PDF identified

    Detects presence of HTTP links in PDF files.

Files

  • 99c16a1c507eee0c74d1867a7260b48b.zip
    .zip

    Password: infected

  • 99c16a1c507eee0c74d1867a7260b48b
    .pdf
    • https://www.gujcot.com/index.php

    • https://www.gujcot.com/

    • http://www.vcottonexport.com/

    • https://www.lemeriteexports.com/

    • http://www.gujcot.com

    • https://www.gujcot.com