General

  • Target

    c5b2751c-30b1-a264-016e-31f7169f040e.eml

  • Size

    411KB

  • MD5

    aabd4260d88011e5a0a28fe5699bfd74

  • SHA1

    477fb2ccf57c23ba2611b1de73bf3e88fd1a183e

  • SHA256

    47854c871a9049c31f867f7324237d565837e7088adfaf20ecd08647dc250eb1

  • SHA512

    0093e3a048ebb7225a4f4c0ac88d65506765bee1721cc40c4d9578d4a4f4eeb3c81827a64244a6c79e736e245651924abf973ea13fccf66841dfcd004f0c1820

  • SSDEEP

    6144:0zb14ku3kW7GNs8Zb3TzOzohwcFrT8d7CzCYD0GdWCFOrVgsrEfSkVlgh7:qRYkEU92ktvU6CYDtdWCMrizlgh

Score
3/10

Malware Config

Signatures

  • One or more HTTP URLs in PDF identified

    Detects presence of HTTP links in PDF files.

Files

  • c5b2751c-30b1-a264-016e-31f7169f040e.eml
    .eml
    • http://www.electricdinerhamilton.com

  • PastedGraphic-1.pdf
    .pdf .ps1 polyglot
  • email-html-2.txt
    .html
  • email-html-3.txt
    .html
  • email-html-4.txt
    .html
  • email-plain-1.txt
  • payment 1268075 03112024.pdf
    .pdf
    • https://easyweb.td.com/waw/ezw/servlet/com.td.easyweb.servlet.InfositeTransferOutServlet?RequestedPage=products-services/banking/index-banking.jsp
    • https://easyweb.td.com/waw/ezw/servlet/com.td.easyweb.servlet.InfositeTransferOutServlet?RequestedPage=products-services/banking/apply-index.jsp
    • https://easyweb.td.com/waw/ezw/servlet/ca.tdbank.banking.servlet.LogoffServlet