General

  • Target

    a2e7f3210ef4f7fb06606399dd09b873715abc2ce4a45900bd2434f37d55c559.zip

  • Size

    8KB

  • MD5

    eb5583e3e63b99715bbde1376dfbf83e

  • SHA1

    12dd90935a2669f168393191133a81c4a069a0ac

  • SHA256

    c445c0bae9b5f72b7673419c5a0c8928350d00ab9d09fcd10f6caa6150b95e9c

  • SHA512

    01a6e24e3e99176e26950d9afbbb58718e608092e34e21c62c9fbdd7e6c86b426742ac1df8bb9340482239a178e1c1d890af51e5b290b92ea417ab46df27ff80

  • SSDEEP

    192:2k0fVIVYf47FN/W2A+LHpzFqa5RgjofPe8pJWSOE:2k0fV5gzw+Tpzoa5R9m8XWSx

Score
6/10

Malware Config

Signatures

  • PDF contains JavaScript

    Detects presence of JavaScript in PDF files.

  • One or more HTTP URLs in PDF identified

    Detects presence of HTTP links in PDF files.

Files

  • a2e7f3210ef4f7fb06606399dd09b873715abc2ce4a45900bd2434f37d55c559.zip
    .zip

    Password: infected

  • a2e7f3210ef4f7fb06606399dd09b873715abc2ce4a45900bd2434f37d55c559.pdf
    .pdf

    Password: infected

    • https://accounts.google.com+signin%3Dsecure+v2+identifier%[email protected]////////atom.xml?http://www.booking.com