Overview

overview

5

Static

static

4

34721f4266...18.msg

windows7-x64

5

34721f4266...18.msg

windows10-2004-x64

3

invoice_1805324.pdf

windows7-x64

1

invoice_1805324.pdf

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    34721f42665f168fb3052d3cb590675c_JaffaCakes118

  • Size

    204KB

  • MD5

    34721f42665f168fb3052d3cb590675c

  • SHA1

    1eff2a566c6be0d2a4bb8aa82378dcec393a7abf

  • SHA256

    066f44988ff1096205ea650ca8e99f3d7bcc79f29fc8c1b9ca5916f888959a93

  • SHA512

    f7620c5cf380314284b4341b9d3da0d7b2933cc600acea70d36482e66e69c858b26394299d455f5aaceffd68592dd543e4fced97d7faa013d00804142778e4ae

  • SSDEEP

    3072:lItHgky+mIbU9wcjZAkGaWP1kO2jx4xtGyd0U6wd5IgN3khSWCj:gby+OlA4R3x4xKjwHIg5Cn

Score
4/10
pdflink

Malware Config

Signatures

  • HTTP links in PDF interactive object 2 IoCs

    Detects HTTP links in interactive objects within PDF files.

    pdflink
  • One or more HTTP URLs in PDF identified

    Detects presence of HTTP links in PDF files.

    pdflink

Files

  • 34721f42665f168fb3052d3cb590675c_JaffaCakes118
    .msg .pdf polyglot

    • http://DocuSign.com

    • http://eir.ie

    • http://span.ng

    • http://talourd.com

    • http://www.americapitalpartners.com

    • https://account.docusign.com

    • https://eu.docusign.net/Member/Images/email/[email protected]

    • https://eu.docusign.net/Member/Images/email/[email protected]

    • https://eu.docusign.net/member/Images/email/docInvite-white.png

    • Show all
  • image005.jpg
    .jpg
  • image006.jpg
    .jpg
  • image007.png
    .png
  • image008.png
    .png
  • image009.png
    .png
  • invoice_1805324.pdf
    .pdf

    • http://americapitalpartners.com/