General

  • Target

    5bd6fcb1-5989-cfee-433b-1d8a4303ffd2.eml

  • Size

    117KB

  • MD5

    537dad29f6f67ba06dc0221c60111697

  • SHA1

    33020e0f696df0ecd68a98eb1b7e16eb586c6995

  • SHA256

    0dfcc61afd07b40f5232423b93320874230ad105dd9d62961f0a057f9f4c18eb

  • SHA512

    709ea9bd9180f303c5a55f77febe2bcae47751fce4362f3695edafa803a7dd4563e909034a1adfc830d078754742be7b114760d849a4906a783321fa63167164

  • SSDEEP

    1536:jCtr9gnsCGtJU9kZtTyzq5VJ+VWv8JbfsLxdrmUIrhacBD+xZupeDeLB0PVIv7Y6:j3nVG3U9uT5VII8wBI1acBKYB

Score
4/10

Malware Config

Signatures

  • PDF has QR code that contains a HTTP URL

    PDFs with URL QR codes are often used for phishing

  • One or more HTTP URLs in PDF identified

    Detects presence of HTTP links in PDF files.

Files

  • 5bd6fcb1-5989-cfee-433b-1d8a4303ffd2.eml
    .eml
  • Manulife Investment Management Consent Docs#903703(Revised).pdf
    .pdf
    • https://kidpatches.sa.com/qSX0TeKfKn/.d7g/MVSgrLv2kB/cHNvbmFsa2FyQG1hbnVsaWZlYW0uY29t

  • email-html-2.txt
    .html
  • email-plain-1.txt