General

  • Target

    1c1856fd-989a-4a0b-ba86-cc3b7572ba5d.zip

  • Size

    88KB

  • MD5

    4502f59bd62ce1f0ca2f5be30bf908db

  • SHA1

    7e9190ecf3ab1174a8f90e62e41e9f880aca7222

  • SHA256

    1fb6189ef9d61648782e84b2f66dca91131eb70e7f148193c2f5f1d4ca01840b

  • SHA512

    8bcecbe76e07fe98fc0a96ac68f32989b9524f2bb669d39bb481f30af0c006ee5df89772a6d1212841a92d17db004fc929d328ef142a7cda138cd5d34d68293a

  • SSDEEP

    1536:Y20tgsPktM9j8J4t34d4K4gN12lNBV9JgrIsOfC4tMXUoH1IwJQ+FNQiHDqlSWH:Y20TkeF8g346KHg9qcsOq4GH1IwJQ8Qp

Score
6/10

Signatures

  • Malformed or missing cross-reference table in PDF

    Malformed or missing cross-reference tables are often used to evade detection

Files

  • 1c1856fd-989a-4a0b-ba86-cc3b7572ba5d.zip
    .zip

    Password: infected

  • ProgramData/McAfee/QuarMeta/1c1856fd-989a-4a0b-ba86-cc3b7572ba5d
    .xml
  • Users/jqiu/AppData/Local/Microsoft/Windows/INetCache/Content.Outlook/2RH9S300/Final Payment (002).pdf
    .pdf