OLP80[.]pdf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

OLP80.pdf
Size

297KB
MD5

66802a2494b8e25877a7668adfd84f81
SHA1

4fccf44e25737f6ca98badf85c2e2d366ac0fd89
SHA256

99f32e203c47217aa436d98d944ea2ad1c47cbbdfa1318e05a6b417f3561d562
SHA512

35085e934c85c8764460e8e69a5e4b536ac13e6e90e9811d89398f31cc1e5f4e6a3bc1505bfa26a26a2700e623946aae080c9d19885cd41d00c55246112706a8
SSDEEP

6144:gVZJp9VvQr2Seha7ooP+X0Z5bhgxJnN4ItXNga0vCSffT:gnJGIhBo2XC5bK3DtCaor

Score

4^/10

pdf link

Malware Config

Signatures

HTTP links in PDF interactive object 1 IoCs

Detects HTTP links in interactive objects within PDF files.

resource	yara_rule
sample	pdf_with_link_action

One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
pdf link

Files

OLP80.pdf
.pdf
- https://www.google.co.za/url?sa=i&rct=j&q=&esrc=s&source=images&cd=&cad=rja&uact=8&ved=0ahUKEwix06zpo_HSAhXKaRQKHf2YC1QQjRwIBw&url=http://lottery.olg.ca/en-ca/lotto-games/ontario49/about-ontario-49&bvm=bv.150729734,d.ZGg&psig=AFQjCNFc2Qabh546-GSRQ0UIk3TRtkg4Kg&ust=1490518316296679
- http://canada.com
- http://www.lottolore.com/ontar49.html
- http://yandex.com