General

  • Target

    Approved for Amelia file id YOANHXKAIS.msg

  • Size

    140KB

  • MD5

    0c1cc32f3b278196bed7251d4d7a6924

  • SHA1

    7e3ea004fbd9fbe92a00ea4c1ebc9cc105fd7973

  • SHA256

    e17181be7dd1c9d64a8010c204f2beba1a3c7f0b852dec538ed14d87c440d485

  • SHA512

    52eb882a396462e8c058aae7b896bd251ae8334463ef2207dc0a290c7bb4270f55c172b168c1a5a5f6af1bb93069f69b0f1f8959aeed64fe525f4a4f6e79dfdb

  • SSDEEP

    3072:jBUcFsYVxZmNGZnF75JU5D+X8etN+owg5BP:tUwFVxZm6nlRRtYoB5

Score
4/10

Malware Config

Signatures

  • PDF has QR code that contains a HTTP URL

    PDFs with URL QR codes are often used for phishing

  • One or more HTTP URLs in PDF identified

    Detects presence of HTTP links in PDF files.

Files

  • Approved for Amelia file id YOANHXKAIS.msg
    .msg
    • http://cargosolutionexpress.com

  • Amelia-In Service Agreement-512773.pdf
    .pdf
    • https://shop.ascd.org/SSO/logout.aspx?redirectURL=https://tricco-group.com/curx.html#[email protected]

  • OFRMAURTXPMX.png
    .png