Overview

overview

4

Static

static

4

e5ddad055d...KI.pdf

windows7-x64

1

e5ddad055d...KI.pdf

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    e5ddad055dc9d2ba7626fd13be776d90_NEIKI

  • Size

    570KB

  • MD5

    e5ddad055dc9d2ba7626fd13be776d90

  • SHA1

    b210b537d45305afa7baa98f5b4cc5adfd9eebfe

  • SHA256

    6a05d6b5d6a3d132839b2c2dfa3720cc507f4b5c2ac567d153c8673eb3c605d9

  • SHA512

    0700911efdcda6d034d2fb788e1ded0e9629480062e3cd216bda5936e1b8a08ca051b1e002443ac9c4479818b2ea0c8eb26d92faf917f036d89307143f5bb43b

  • SSDEEP

    12288:dDgKWP8KGeylr6ATJUD6NpE8XQ+doOVWYaA6C1pn:BgK8tG9FxeTYJ6CT

Score
4/10
pdflinkqr

Malware Config

Signatures

  • HTTP links in PDF interactive object 1 IoCs

    Detects HTTP links in interactive objects within PDF files.

    pdflink
  • PDF has QR code that contains a HTTP URL

    PDFs with URL QR codes are often used for phishing

    pdfqr
  • One or more HTTP URLs in PDF identified

    Detects presence of HTTP links in PDF files.

    pdflink

Files

  • e5ddad055dc9d2ba7626fd13be776d90_NEIKI
    .pdf

    • http://www.unicity.com/taiwan/Free

    • https://line.me/R/ti/p/_lunnmIUCo

    • https://www.facebook.com/unicity.tw