Overview

overview

4

Static

static

4

Manulife-a3A5GbP.pdf

windows7-x64

1

Manulife-a3A5GbP.pdf

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    [EXTERNAL] Completed_ PR 08A - Draw docs 6387762.eml

  • Size

    111KB

  • MD5

    e5db14407955ad575d069215ea220a9b

  • SHA1

    3031f30ab3c936ea11c9d03357f13d43f4499762

  • SHA256

    eda93cdc3d434e3ea6bd19f03c50f26f96584eb6708d713f2e22ae4c8649e626

  • SHA512

    357e8ed0221d575512d2db9ec17bddb914b68d3ca033595cd6f1dec4c7c793dab08e7e1e2a9e2f10e10b8efb0a69ac09abd075c49873ca8215ce5c721b1ff311

  • SSDEEP

    3072:BmfC5ZzFRzcTijSgbXZLxeRfpEyGtocELw8T5QQPig:Bma5ZpRdSgbJLxeRfyyGtocEs8TyQPx

Score
4/10
pdflink

Malware Config

Signatures

  • HTTP links in PDF interactive object 1 IoCs

    Detects HTTP links in interactive objects within PDF files.

    pdflink
  • One or more HTTP URLs in PDF identified

    Detects presence of HTTP links in PDF files.

    pdflink

Files

  • [EXTERNAL] Completed_ PR 08A - Draw docs 6387762.eml
    .eml
  • Manulife-a3A5GbP.pdf
    .pdf

    • http://manulifeam.com

    • http://ross.biz

    • https://opodo.onelink.me/RnQA?pid=CRM&af_adset=email&af_ad=crm_nl_PDA_SneakPeek_NP_X_290124__&is_retargeting=true&af_dp=op-app%3A%2F%2Flaunch%2F%3futm_content%3dUL_hero%26utm_source%3dsf%26utm_medium%3dcrm%26utm_campaign%3dnl%26utm_term%3dXX-XX-CRM-E-NL-PDA-FL-X-NP_PrimeDay8_NonPrime_SneakPeekAPP_290124_Render_435150%26mktportal%3dNL&af_web_dp=https://rababnkhan.com/9754RES/1103/new/new/[email protected]##

  • email-html-2.txt
    .html
  • email-plain-1.txt