General

  • Target

    e2c2d0bb-64cc-4369-aebc-82329a9da8ea.zip

  • Size

    229KB

  • MD5

    59e10c7a80d833b9032bcb38ffe8c0c4

  • SHA1

    f80a9f078ab39715218ac76c1065306cfc8eee3c

  • SHA256

    c7e4583ecce264207ac8405031c78ab69f121c72e5b58d5ae58b51a02a19ab39

  • SHA512

    d4e75833c3aad333fd20bbee1a878134a3817a5482740bbacd3f3abcba2cc191c248836b0b82ee47d7d4abc662d039676f9ce289fe7878c18313d874849ea294

  • SSDEEP

    6144:GKZlpCSM/Widn6ojZXpr7xg4Hhl1mEfdZecBYMfHYptBm/ahYIW:jlCSM/emXpPxgSmSdw4Df47BqaG

Score
4/10

Malware Config

Signatures

  • HTTP links in PDF interactive object (1 IoC)

    Detects HTTP links in interactive objects within PDF files.

  • One or more HTTP URLs in PDF identified

    Detects presence of HTTP links in PDF files.

Files

  • e2c2d0bb-64cc-4369-aebc-82329a9da8ea.zip
    .zip

    Password: infected

  • CaseyJones-ProNexus-INVQZ01.pdf
    .pdf
    • https://exbg.short.gy/CaseyJones

    • https://exbg.short.gy/ShannonRocky

    • https://opodo.onelink.me/RnQA?pid=CRM&af_adset=email&af_ad=crm_nl_PDA_SneakPeek_NP_X_290124__&is_retargeting=true&af_dp=op-app%253A%252F%252Flaunch%252F%253futm_content%253dUL_hero%2526utm_source%253dsf%2526utm_medium%253dcrm%2526utm_campaign%253dnl%2526utm_term%253dXX-XX-CRM-E-NL-PDA-FL-X-NP_PrimeDay8_NonPrime_SneakPeekAPP_290124_Render_435150%2526mktportal%253dNL&af_web_dp=https://wmd.god21.net/ViewSwitcher/SwitchView?mobile=False&returnUrl=http://00440-0074.airholidays.in/encryption/00152689/php/connection///#/?/[email protected]