Overview

overview

4

Static

static

4

ATTNQ2-039...2).pdf

windows7-x64

1

ATTNQ2-039...2).pdf

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    MDE_File_Sample_6b6db23f27d31e7c6519c28379f1d78a332fce08.zip

  • Size

    12KB

  • MD5

    d99a89ccce17ebdcae3b2b810dc56f82

  • SHA1

    d4295a1c057188b31106ddeab98072ce8917a44e

  • SHA256

    6c6be4c71f93a7890ee9e46369a076bb57e20ac6a51497d2dbec69d5df870650

  • SHA512

    f4abdd940049c92cea43e64e0da396b35f6f2d8f46453e05949e8b1db96a876d946ff745b6dc90e6a8da1df639513c68950fac20f8bb41ce768c01c8cfe81a38

  • SSDEEP

    384:KVAOSO6bxAATuvOMPn1wCemQlj3EWFzcmSXej8:KV7sb3uW8CCemyE6hS7

Score
4/10
pdflinkqr

Malware Config

Signatures

  • PDF has QR code that contains a HTTP URL

    PDFs with URL QR codes are often used for phishing

    pdfqr
  • One or more HTTP URLs in PDF identified

    Detects presence of HTTP links in PDF files.

    pdflink

Files

  • MDE_File_Sample_6b6db23f27d31e7c6519c28379f1d78a332fce08.zip
    .zip

    Password: virus

  • ATTNQ2-0395-Payment Notification for ##victimname# - 230524 (002).pdf
    .pdf

    Password: virus

    • https://wKR.poring1.com/ckEQp/#cGF1bGEuY2FtcG9zLWdvbnphbGV6QG14LmFiYi5jb20=