Static

static

4

Sharing

Copy URL Twitter E-mail

General

  • Target

    Mensajes en cuarentena (4).zip

  • Size

    106KB

  • MD5

    6f3698755227825a1882557b9ca0f0a8

  • SHA1

    3fc05b33cc54b176cafd4e6f2bd54f9cf2bbf39d

  • SHA256

    1f39ce00a41384d19811218ab29f6bcea5c94dab566837795226c0c8d7dbb00d

  • SHA512

    09bd98c00477accac0d5613250adbc975c17517603362e5c1be1e3721803c7a43ae62ffbb1afb7e02f92a79b6cbd4de759f8ebf696bda98eb716f43467951db8

  • SSDEEP

    1536:Ft1KxOWUwnqY6LTV4VzOkPkTLAie398GSHpM32XnywBl2U2CKTQQVNtrvbIqyULj:FroMozOQkPo7YX1BMHcQVNBLyq1dGkJ

Score
4/10
pdflinkqr

Malware Config

Signatures

  • PDF has QR code that contains a HTTP URL

    PDFs with URL QR codes are often used for phishing

    pdfqr
  • One or more HTTP URLs in PDF identified

    Detects presence of HTTP links in PDF files.

    pdflink

Files

  • Mensajes en cuarentena (4).zip
    .zip

    Password: 22

  • 73f4672a-366f-41b3-2c7d-08dc75be7320/c712d1ba-bbee-dc3a-67a7-ade405e40682.eml
    .eml

    Password: 22

  • Employee Benefits Enrollment for william.marroquin - ADP.pdf
    .pdf

    Password: 22

    • https://e9b046d8.8be1c954763725f27e1ca06a.workers.dev?email=d2lsbGlhbS5tYXJyb3F1aW5AYWRyZXMuZ292LmNv

  • email-html-1.txt
    .html
  • jhcmyCvXH.png
    .png

    Password: 22