Static

static

4

Sharing

Copy URL Twitter E-mail

General

  • Target

    Tdcj_settlement.pdf

  • Size

    34KB

  • MD5

    a1bb2b2f34294bb48544414de1e66d48

  • SHA1

    22b7bda9c8f32529107795325ee8416ce41d2652

  • SHA256

    8c6d0a741df388e9bcaadc18a06c3ff14327b5f760b8deb00857d39fe5fe1044

  • SHA512

    cc01f7509f4aaa232ce3c7e7dabbaa88abbcdf6a0adc14d3824322a350fa66e99c9dc5e91e0d216a703f0d6a8b4eae1b939aad06d1b2794ae01ce822c26e168a

  • SSDEEP

    768:q1Jq/uE9YNOWEpp8PWFBrLCK1GxsdbRmSU4im:sCuE9nW+7SVsgSU4im

Score
4/10
pdflinkqr

Malware Config

Signatures

  • PDF has QR code that contains a HTTP URL

    PDFs with URL QR codes are often used for phishing

    pdfqr
  • One or more HTTP URLs in PDF identified

    Detects presence of HTTP links in PDF files.

    pdflink

Files

  • Tdcj_settlement.pdf
    .pdf

    • http://homepages.dcc.ufmg.br/~anolan/research/lib/exe/fetch.php?cache=cache&media=https://link.mail.beehiiv.com/ls/click?upn=u001.FbrCEbvZRNXNy91pQsMK8G9F6nNbdv9s48ftCtqbce-2BBtVRaT3WB8UlE1MGOIX5k7j8LOhyrE54mEMwIovfDlJmXx4PWyLNDJN3SGevSnVQbEwV5UtltUXZIeIhqo399tZhKgBquS8HQsI5rUKk9-2BazO0ixIpyPbowZqJBqNSprO-2BE0kWsr2Ns8fs0DdsK82tKlJ_7aQz3x2QYOJh6yY5kTD6qjlvFur0ZA1sprKMaeQh9EGio2tgMO1qUa8vHzx-2Fk8s95Bg9kTfc9BTy8-2BItpgILe4yvIqECcERcR9jmjqvXBY0Wv0s1z6NlJhfx4OUw-2FHi5BqfJGqZyipzhu2dgq9HRE8xB0fBeI3gQpuaTOWlRfXB694GdUt8NCiOWcxjLWFJDS3xD-2FDRKoxADtncDtIM3Sri7b3m65j2a63YGXky8Wh2LH4lsIRZxwG59SqIAzwEaYZB5FZchbAvyPJ0IMDVAzvPCuzcpINCyPLU3x-2FBbDKXrJgPKyk12QMJCr9CN4N9wY1YFYjEIwVkf4nqtygoiUJA4SHxRuTOWIlF1V0WCOWyjJc-2FDnEuVQpXgmjb0ZULdzDCRrRYrnPu272W3LNsN6vHCRM1BVRSB31ORy4GXBA9ZNduIaSfvh4nvbA8mXbY8#Y2FybWVsbGEuam9uZXNAdGRjai50ZXhhcy5nb3Y=