SOSPECHOZO[.]eml | Triage

Submit
Reports

Overview

overview

6

Static

static

6

CFEMail400...04.pdf

windows7-x64

3

CFEMail400...04.pdf

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

CFEMail40039500059039504.pdf

Resource

win7-20240221-en

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

CFEMail40039500059039504.pdf

Resource

win10v2004-20240426-en

windows10-2004-x64

5 signatures

150 seconds

General

Target

SOSPECHOZO.eml
Size

74KB
MD5

da894ef16dcb910c0ad5e9f029b98482
SHA1

be1303ee558554b02997903a22469f1860d3938e
SHA256

48ef0a134b49cc7220bbfdd6879a0338afdf30be3ae7d21b80852c5c7ab3b715
SHA512

f53b7c59133d9bedb32b5a56407e065133f41485c1d5230c21618e8b261fdf79b94a369a4516dde0be6b089a4764900c908cbced98ac2deb7116dd0b11c67c67
SSDEEP

1536:P4OYXOiRqq0BrKrmL8ZW1KhMm0gqMCbcL39TpPI2aL7rLj0ABYDOnw:P4OYX5Rt8CgKliDcLfPI2a3nj0Ok8w

Score

6^/10

pdf evasion

Malware Config

Signatures

Malformed or missing cross-reference table in PDF
Malformed or missing cross-reference tables are often used to evade detection
pdf evasion

Files

SOSPECHOZO.eml
.eml
CFEMail40039500059039504.pdf
.pdf
email-html-2.txt
.html
email-plain-1.txt

© 2018-2025

Terms | Privacy