General

  • Target

    2aba0c4cfb95beba9ddb8208234f1b6f2eb1b9d0a20ffb74b807d169f385c810.zip

  • Size

    257KB

  • MD5

    432230af1d59dac7dfb47e0684807240

  • SHA1

    e9dc026ad716e3a3f7519092b54d9e4c046dfbc4

  • SHA256

    2aba0c4cfb95beba9ddb8208234f1b6f2eb1b9d0a20ffb74b807d169f385c810

  • SHA512

    d75ca80558696af939ac5cdbb366d842bfbc6bf450358249d62cfff15f3c834fac78b569ba29074cf26cbe875d8aa0ebf1719d3f7dc7c954f358f120192671a8

  • SSDEEP

    6144:8uZofOWMUboY7L97A5UDQGVjPP8nRWoFV+hHlOO:8Kul97A5ULVjsn/jWx

Score
3/10

Malware Config

Signatures

  • One or more HTTP URLs in PDF identified

    Detects presence of HTTP links in PDF files.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2aba0c4cfb95beba9ddb8208234f1b6f2eb1b9d0a20ffb74b807d169f385c810.zip
    .rar
  • _MACOSX/_MACOSX/DS_Store
    .exe windows:10 windows x86 arch:x86

    a9ad717307c7a48543497b647526c77a


  • _MACOSX/_MACOSX/DS_Store.vbs
    .vbs
  • _MACOSX/_MACOSX/filename.lnk
    .lnk
  • _MACOSX/_MACOSX/李新宇-北京大学-2026毕业-金融硕士.pdf
    .pdf
    • http://163.com

  • 李新宇-北京大学-2026毕业-金融硕士.pdf.lnk
    .lnk
  • 联系方式/联系方式.txt