General
-
Target
3b891f662d3794ffa1d8e08dc923f787dlancecitydadsgro_1728683402.eml
-
Size
206KB
-
MD5
a22907612b0c05d31485e9b64a281e46
-
SHA1
ea2b05b13aac741c47e7f53aafff4d22029e49f6
-
SHA256
6ed5ec96809d1446eb0aeecdbd7c8a3f990a422484f4c2a5dbdb341a18a1f7b9
-
SHA512
9cedfa402c5a273c149941bf79887bedbd960ae93421d82e0af4253a9606fd597a75ad315a483546bd2da9c2d92be9fcf9e515a37ee3a3dad4df632343aa6049
-
SSDEEP
3072:cgOUk+tlbnhBGQEQnXX+PhfIfQNRhsqdSdKSy03nLCm3wHtrHtvUwCOsD+nU2G1h:cgOUk+tt9EQnXXIfbPMVLiNSw98iRGX
Malware Config
Signatures
-
PDF has QR code that contains a HTTP URL
PDFs with URL QR codes are often used for phishing
-
One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
Files
-
3b891f662d3794ffa1d8e08dc923f787dlancecitydadsgro_1728683402.eml
-
https://security.microsoft.com/userSubmissionsReportMessage
-
-
attachment-2
-
https://aka.ms/LearnAboutSenderIdentification
-
https://docs.google.com/presentation/d/e/2PACX-1vSymo2V9xN0znegU9zw8Wr1ASGWC-_ANW26PxehGccmPMZW7oINwCirGRhALgKWrYqOLXs2qpsIgm1J/pub?start=false&loop=false&delayms=3000
-
-
Goncalo Marques_Transcripts7038.pdf
-
https://docs.google.com/presentation/d/e/2PACX-1vSymo2V9xN0znegU9zw8Wr1ASGWC-_ANW26PxehGccmPMZW7oINwCirGRhALgKWrYqOLXs2qpsIgm1J/pub?start=false&loop=false&delayms=3000
-
-
email-html-2.txt
-
email-plain-1.txt
-
email-plain-1.txt