General
-
Target
Quarantined Messages (40).zip
-
Size
90KB
-
MD5
4f5b466ee81a310a2d8d25d72b7a53c2
-
SHA1
77e941e3fb2a1e512bcab2c644a31c4a1eb30901
-
SHA256
ac38bc940f39e196a540ee6d308a0d7c7c594392c9de638549abe03e582d00ef
-
SHA512
c0d00251fe0f3c705c769bf9d2774925a772b606282adcd1045597c6697200a0e00cf57148d6862d27c4f70b98aa8fd3258d329039a405a2ee62a836b036a615
-
SSDEEP
1536:ysQzLGRI1f9XI5lxwvjXjACOKASJpvid4UuAr/89dXaWMhfC1Eioeb79a3jyqbD:mzL2I1SHxwvjTQ2wkdXehfkE/W03jdD
Malware Config
Signatures
-
Malformed or missing cross-reference table in PDF
Malformed or missing cross-reference tables are often used to evade detection
Files
-
Quarantined Messages (40).zip
Password: infected
-
03b51cde-89d0-41b8-5d4b-08dc6dd59182/ee4b6fe3-33d9-f225-3de1-68941c2a4362.eml
-
https://aka.ms/LearnAboutSenderIdentification
-
https://goo.gl/maps/jvZCcchhAUChbpFH8
-
https://thebeergroup.sharepoint.com/sites/DIHub/SitePages/Women
-
https://thebeergroup.sharepoint.com/sites/DIHub/SitePages/Women's-Initiative-Network.aspx
-
https://www.thebeerstore.ca/
-
-
1.png
-
2.png
-
3.png
-
4.png
-
5.png
-
6.png
-
company_profile_purchase_order.pdf
-
email-html-2.txt
-
email-plain-1.txt