General
-
Target
FW external Signature Requested Secure Shared Docs Via e-Sign #RANDNUM2 - Adtalem Executed Agreement Docs #11372(REVISED) - Thursday 20th of June 2024..msg
-
Size
184KB
-
MD5
729ba87b46669155269f177847d87480
-
SHA1
8d5d88ffd132720b19ee4f3ce86d51aa8c4de10d
-
SHA256
2c07ada146ee1b571c7f908a7a6c79540664b869a6ba0a0a0926b3b3aa6b788a
-
SHA512
1af305dc9d2ef5a1cb84bc445c003c5abb09f42026e35c24e9171ae8a92f7816eb0631d466882b9b4c99b14e757f042083b324cca83b6d24807e0a6de3b24381
-
SSDEEP
3072:TglC/FgEpKvgMgGBiLULDi+vDhtI43d52mgOSLIDPi:L/LKvgniiLUKh4SfO
Malware Config
Signatures
-
PDF has QR code that contains a HTTP URL
PDFs with URL QR codes are often used for phishing
-
One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
Files
-
FW external Signature Requested Secure Shared Docs Via e-Sign #RANDNUM2 - Adtalem Executed Agreement Docs #11372(REVISED) - Thursday 20th of June 2024..msg
-
http://adtalem.com
-
http://surfingfrance.com
-
https://aka.ms/LearnAboutSenderIdentification
-
-
Adtalem Global Education Signatures Consent Docs#730669(Revised).pdf
-
https://ketosisoj.za.com//jskZrYp9he/.d7g/2X0YkmljFC/cm9iZXJ0LnBoZWxhbkBhZHRhbGVtLmNvbQ==
-