Overview

overview

4

Static

static

4

RFQ# RE-6....es.pdf

windows11-21h2-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    PW_infected_RFQ# RE-6_212268 Supply Safety Shoes_pdf.zip

  • Size

    255KB

  • MD5

    c11eb32da3ae9c58d367820af2895c26

  • SHA1

    a1d6012cc2bcbd309ce8a8528e0183d6184da1f0

  • SHA256

    b3b1d7ae98b2bad25ccb049701280184a30c83ddb4c365fdd2cf0ec5c364d62d

  • SHA512

    ba7ecdb9b8e60878e09f272e9bab43f40b5cb338cc95ccbf700775eb4dc1981603d5d248a9b5247eda350c3a31e3cf2c0bb605ec5a37a1b30c65fccdcead87d1

  • SSDEEP

    6144:Cfz+rRiFob5xhsKmXHJVKRh9pl9rCpZu7H1vG4FhtgyVsIhW5jPByQ:CPqjtGKjh1lr1v3FwyGIhWx5F

Score
4/10
pdflink

Malware Config

Signatures

  • HTTP links in PDF interactive object 1 IoCs

    Detects HTTP links in interactive objects within PDF files.

    pdflink
  • One or more HTTP URLs in PDF identified

    Detects presence of HTTP links in PDF files.

    pdflink

Files

  • PW_infected_RFQ# RE-6_212268 Supply Safety Shoes_pdf.zip
    .zip

    Password: infected

  • RFQ# RE-6.212268 Supply Safety Shoes.pdf
    .pdf

    • http://procurement.re

    • http://re-petroleum.com

    • http://re-pfm.cm

    • http://www.re-petroleum.com

    • http://www.re-petroleum.com/