Overview

overview

4

Static

static

4

Employee B...DP.pdf

windows7-x64

1

Employee B...DP.pdf

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    Complete via eSign_ Personnel office Enrolment Profit Compensation, Charitable Cue.eml

  • Size

    143KB

  • MD5

    a2334066901671f14058680ddeb339ae

  • SHA1

    b0c3ca4578db0a22adcc139412c10fbd02dc2edd

  • SHA256

    825d2676ed5cc01501607bcf81beec1774f18009122ed357e09553717c499123

  • SHA512

    3620e8cb554019e767a2f86a345d1ca1ac491f8c28444047ffda52ccf532fba2b21892895f213c52c34a24f7e81ac8759196537e75bd2217923d2988bd05e329

  • SSDEEP

    1536:baeVIhB9qroSurQiCT6tJ2fE8mCKFqmDNC2Cgnos2WMyTBOcN9gjCxkW4mVP5TZC:7CYo1RKqJR8mCYNDNRfHs49qQR5Z4YPo

Score
4/10
pdflinkqr

Malware Config

Signatures

  • PDF has QR code that contains a HTTP URL

    PDFs with URL QR codes are often used for phishing

    pdfqr
  • One or more HTTP URLs in PDF identified

    Detects presence of HTTP links in PDF files.

    pdflink

Files

  • Complete via eSign_ Personnel office Enrolment Profit Compensation, Charitable Cue.eml
    .eml
  • Employee Benefits Enrollment for felicity.oxnam - ADP.pdf
    .pdf

    • https://nOFZU.bmaxc.com/nOFZU/#ZmVsaWNpdHkub3huYW1AbWVsYm91cm5lLnZpYy5nb3YuYXU=

  • UlnMPUDJZ.png
    .png
  • email-html-2.txt
    .html
  • email-plain-1.txt