Overview

overview

5

Static

static

3

pruebapishing.eml

windows7-x64

5

pruebapishing.eml

windows10-2004-x64

3

MAERSK_SHI...8U.zip

windows7-x64

1

MAERSK_SHI...8U.zip

windows10-2004-x64

1

MAERSK_BL_...8U.pdf

windows7-x64

1

MAERSK_BL_...8U.pdf

windows10-2004-x64

1

email-html-2.html

windows7-x64

1

email-html-2.html

windows10-2004-x64

1

email-plain-1.txt

windows7-x64

1

email-plain-1.txt

windows10-2004-x64

1

pm.jpg

windows7-x64

3

pm.jpg

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    pruebapishing.eml

  • Size

    347KB

  • MD5

    af86b203bafe51e908d90546b2057ca8

  • SHA1

    a9dd3ae66a4219e8031a29fff794ee4ec39a40b9

  • SHA256

    701bb7b2022bc8d8bcb8239b32877c0a93210ebe1dc60dcb98e800429d8addf9

  • SHA512

    27ce0fe72471fedf6bc6d32a937042b1e77b251d7c8455b8935c64620695a5bc473b306e5ef30829b7202d025c1d7babd86eaa12e7a4b87dd99b4c5c5ccd0a22

  • SSDEEP

    6144:byqgoXkJKPQQtnql444D0QvtzswuLxz023QqoJPn6jkCuLQ1N2lWh9cfPU2jC:rqjQ0NeTtwDNQF96RmWH1

Score
3/10
pdflink

Malware Config

Signatures

  • One or more HTTP URLs in PDF identified

    Detects presence of HTTP links in PDF files.

    pdflink

Files

  • pruebapishing.eml
    .eml
  • MAERSK_SHIPPING_DOCUMENTS_d8U.zip
    .zip .pdf polyglot
  • MAERSK_BL_DOCUMENTS_d8U.pdf
    .pdf

    • https://cloudflare-ipfs.com/ipfs/bafybeic2mwjod2tr2ik5k7sjndaeujdpfup3gklnsjjljwkgmn376cusoy/MTcxNTE4MzcyNw?fhfgfghjkpuiwews4f8704-sfmaxmaersk-pgx--ifxsoporte_fe-isxfaceldi.netsf-1MC4w

  • email-html-2.txt
    .html
  • email-plain-1.txt
  • pm.jpg
    .jpg