Overview

overview

4

Static

static

4

6d53303c03...18.pdf

windows11-21h2-x64

1

Resubmissions

Sharing

Copy URL Twitter E-mail

General

  • Target

    6d53303c036d80e24ed6b7ae5e81fdfb_JaffaCakes118

  • Size

    502KB

  • MD5

    6d53303c036d80e24ed6b7ae5e81fdfb

  • SHA1

    dcb0089062fe06a19535139ba1238b1c30b1ecf1

  • SHA256

    7e1a8d1830b8eabf015c559df700784d9079a4f03d09a872ef2856a71f081297

  • SHA512

    ca2e0f66c756b69aba4eda37f9b9da6430bf0e03aadd41e54f2195c6e308d45a4157f815dea6cbb882ebda95d61a6752b860f9a921d2e438494bc38e5add34af

  • SSDEEP

    6144:4lIBeeh52TGyIBeehf2TQWK+OavsPrGc9AKQik89iDlD0uuwgi29pNB3nPTCJ0mK:4SBA6fBmEWK+O6scctADl+xN1+JQQbG7

Score
4/10
pdflinkqr

Malware Config

Signatures

  • HTTP links in PDF interactive object 1 IoCs

    Detects HTTP links in interactive objects within PDF files.

    pdflink
  • PDF has QR code that contains a HTTP URL

    PDFs with URL QR codes are often used for phishing

    pdfqr
  • One or more HTTP URLs in PDF identified

    Detects presence of HTTP links in PDF files.

    pdflink

Files

  • 6d53303c036d80e24ed6b7ae5e81fdfb_JaffaCakes118
    .pdf

    • http://mail.ru

    • http://nappf.ru

    • http://navpam.ru

    • http://navpam.ru/

    • http://navpam.ru/artmedia/documentaln-filmy

    • http://navpam.ru/artmedia/khudozhestvennye-filmy

    • http://pobeda.poklonnayagora.ru/city/

    • http://pobeda.poklonnayagora.ru/tech/

    • http://www.за-честные-продукты.рф/

    • Show all