General
-
Target
6ee2d62327ebd01a5d4e0c7a50ccdb2d.zip
-
Size
80KB
-
MD5
90c357be1e627d79e3469cc6152b295b
-
SHA1
df4d90bfbdea5f951445894a67396c38c14e51cd
-
SHA256
242e44b18893c5c9418d281ddba44399fbecfc5cf6df6ac60b576e8155d3e455
-
SHA512
73015bb4f7ccc6b19557b5020755e633e82e18b79e14a45866411ccfce6f4be04324fe15ee498037fc2db03062a0a46fcece0a0b9f57f83ee875eed25c14a9c4
-
SSDEEP
1536:PtOSGeQHPNuffvTr2wt4CgvTB5xrVnfiQYOcb4NfozfI71FYJcgUCHU:oSGZETrht4pT7xrFKV4sQ71eJcgTHU
Malware Config
Signatures
-
One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
Files
-
6ee2d62327ebd01a5d4e0c7a50ccdb2d.zip
Password: infected
-
6ee2d62327ebd01a5d4e0c7a50ccdb2d
-
https://secure258.servconfig.com:2096/cpsess6327403764/3rdparty/roundcube/index.php?_task=logout
-
https://secure258.servconfig.com:2096/cpsess6327403764/3rdparty/roundcube/index.php?_task=mail
-
https://secure258.servconfig.com:2096/cpsess6327403764/3rdparty/roundcube/index.php?_task=addressbook
-
https://secure258.servconfig.com:2096/cpsess6327403764/3rdparty/roundcube/index.php?_task=calendar
-
https://secure258.servconfig.com:2096/cpsess6327403764/3rdparty/roundcube/index.php?_task=settings
-
https://secure258.servconfig.com:2096/cpsess6327403764/webmail/jupiter/index.html?mailclient=none
-
https://secure258.servconfig.com:2096/cpsess6327403764/3rdparty/roundcube/index.php?_task=mail&_action=list
-
https://secure258.servconfig.com:2096/cpsess6327403764/3rdparty/roundcube/index.php?_task=mail&_action=compose
-
https://secure258.servconfig.com:2096/cpsess6327403764/3rdparty/roundcube/index.php?_task=mail&_mbox=INBOX
- Show all
-