657A6930C0337F36B8E61CC8B553C4A6C716035FB77FD0C82654FF451A27E60C-DE[.]pdf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

657A6930C0337F36B8E61CC8B553C4A6C716035FB77FD0C82654FF451A27E60C-DE.pdf
Size

205KB
MD5

35295c3a0f1319e3d79bb9abaa06101b
SHA1

e8848adb1afa975c053728130b224b01892948a0
SHA256

657a6930c0337f36b8e61cc8b553c4a6c716035fb77fd0c82654ff451a27e60c
SHA512

fd6eedb0639a22b171c31e6acacc0d927bcdcf2af7e07394a0b7dcae8b061326ccd49f974b1fb8c233cdc99d8ca793d883889dd1cdf9230617edc353a59f3277
SSDEEP

3072:oSFuImPNYR+Qo6LHXA83QBFb1DEdu+qCVQdC5PwiVD5XR3RD0l9FAuXH:oSNmgnHQ8aAdD/WdC54iTR3RgJd

Score

4^/10

pdf link

Malware Config

Signatures

HTTP links in PDF interactive object 1 IoCs

Detects HTTP links in interactive objects within PDF files.

resource	yara_rule
sample	pdf_with_link_action

One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
pdf link

Files

657A6930C0337F36B8E61CC8B553C4A6C716035FB77FD0C82654FF451A27E60C-DE.pdf
.pdf
- https://www.aldiportal.com/
- https://asg-portal.assima.net/Library/EndUser/Item/Default.aspx?LocalizedItemId=110254&RootType=2
- https://asgportal.sharepoint.com/sites/9100-project-0370/Freigegebene%20Dokumente/ARCI%20DE%20General/Overarching/4.%20Cutover%20Wochenende%20&%20Go-Live%20Ankündigung%20(ab%2011%20Wochen)/Go-Live%20Ankündigung/KER/[email protected]
- https://asg-portal.assima.net/Library/EndUser/Folder/Default.aspx?LocalizedItemId=80146&RootType=2#categories=
- https://asg-portal.assima.net/Library/EndUser/Folder/Default.aspx?LocalizedItemId=80145&RootType=2#categories=
- https://asg-portal.assima.net/Library/EndUser/Folder/Default.aspx?LocalizedItemId=81854&RootType=2#categories=
- https://asg-portal.assima.net/Library/EndUser/Folder/Default.aspx?LocalizedItemId=82765&RootType=2#categories=
- https://asg-portal.assima.net/Library/EndUser/Folder/Default.aspx?LocalizedItemId=95773&RootType=2#categories=
- https://www.aldiportal.com/.
- http://aldi-sued.de
- Show all