General
-
Target
GetFileAttachment.eml
-
Size
5.4MB
-
MD5
f3f424ce42a71959dd7c2abbd2218540
-
SHA1
b28ef29eb4e48b636239b3a5a214464c37a4ba57
-
SHA256
9f55180c1e63221e7c6bf034e17d8eaf9baee4932162b562d3299578d6035180
-
SHA512
8123520a7035b7628c17ef7241464dbbfa086c7d3265ca863a505197a9f00bf8f6a7f6c450b314e38fc5176ef32aaa7aee4afc6cf1414fb93460f345fe55ce40
-
SSDEEP
49152:zPha65zl6DmfxIUfeCMUU+OQUworgLqyn0KM3q1zBO3G+baTmBww0xiYAiKuab1J:G
Malware Config
Signatures
-
HTTP links in PDF interactive object 2 IoCs
Detects HTTP links in interactive objects within PDF files.
-
One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
-
One or more HTTP URLs in qr code identified
Detects presence of HTTP links in QR codes.
Files
-
GetFileAttachment.eml
-
http://www.mcarthurglen.com/
-
-
18- Provence News Flash #18- 2024.pdf
-
http://fr-FRsemaine.fr
-
http://modonetwork.com
-
https://academy.modonetwork.com/login/index.php
-
https://www.cognitoforms.com/McArthurGlen10/FashionFestivalMai2024
-
https://www.cognitoforms.com/ProvenceOutlet/BrandsMeetingMardi7Mai202413h3016h30
-
https://www.cognitoforms.com/ProvenceOutlet/HappyHoursLateNightFashionFestivalVendredi10Mai2024
-
https://www.cognitoforms.com/ProvenceOutlet/JOBDATING15MAI202415h17h
-
-
=?iso-8859-1?Q?McArthurGlen_-_masque_des_affiches_PRIX_g=E9n=E9rique_-_fo?= =?iso-8859-1?Q?rmat_A5_-_PAPIER_PRE_IMPRIME.pptx?=
-
CARTE NO LIMIT.JPEG
-
http://myfb.fr/1kHN
-
-
Fashion Festival May 2024 - McArthurGlen France.pdf
-
http://achats.fr
-
http://boutique.fr
-
http://claire.fr
-
http://fr-FRoffersfr-FRpage.fr
-
http://internet.fr
-
http://mcarthurglen.com
-
http://visiteurs.fr
-
https://www.cognitoforms.com/McArthurGlen10/FashionFestivalMai2024
-
https://www.cognitoforms.com/Mcarthurglen7/VENTESFLASHFashionFestivalMcArthurGlenRoubaix
- Show all
-
-
email-html-2.txt
-
email-plain-1.txt