32S_RETAILvantage_API_Aug_2023[.]pdf

Sharing

Copy URL Twitter E-mail

General

Target

32S_RETAILvantage_API_Aug_2023.pdf
Size

1.0MB
MD5

9bf7240d42d7ddf78ac479f9d7a9e399
SHA1

a1e212d81df57bc8b2206275ee495b05422cc265
SHA256

a0ea0e5211e4fb53d32e950c880d2fbe61d8c4046d8bafb0507818416b7fe7b0
SHA512

6c967989b5ca5c404ef9de7fccd4e7c36703fdee790c23b98fc3d2c293c00b98a3ad9f0e6669d04e0fcc186939892984771966b4395141fae66dfc20ff403f9c
SSDEEP

24576:H2slPzO2jJc4O7STes9oAEyCmACHyJzDCIphLzJS:H2svaMT39EmA2yJzLph/JS

Score

4^/10

pdf link

Malware Config

Signatures

HTTP links in PDF interactive object 1 IoCs

Detects HTTP links in interactive objects within PDF files.

pdf link

resource	yara_rule
sample	pdf_with_link_action

One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
pdf link

Files

32S_RETAILvantage_API_Aug_2023.pdf
.pdf
Password: infected
- http://en-GBkoerber-supplychain.com
- http://localhost:8888/RESTWCFServiceLibrary/%20ProductsByUpdateDateRange/
- http://localhost:8888/RESTWCFServiceLibrary/Customers/000000000001?Tenant=%22TenantIDt
- http://localhost:8888/RESTWCFServiceLibrary/CustomersByUpdateDate/2017-10-11?Tenant=%22TenantID
- http://localhost:8888/RESTWCFServiceLibrary/CustomersByUpdateDateRange/2017-11-01/2017-11-30?Tenant=
- http://localhost:8888/RESTWCFServiceLibrary/Products/000000053620?Tenant=%22TenantIDt
- http://localhost:8888/RESTWCFServiceLibrary/ProductsByCategory/
- http://localhost:8888/RESTWCFServiceLibrary/ProductsByDescription/
- http://localhost:8888/RESTWCFServiceLibrary/ProductsByDescription/ASHLEY
- http://localhost:8888/RESTWCFServiceLibrary/ProductsByItemType/
- http://localhost:8888/RESTWCFServiceLibrary/ProductsByUpdateDate/
- http://localhost:8888/RESTWCFServiceLibrary/ProductsByVendor/
- http://localhost:8888/RESTWCFServiceLibrary/ProductsByVendorAndSKU/
- http://localhost:8888/RESTWCFServiceLibrary/Vendors/ASHLEY?Tenant=%22TenantID
- http://localhost:8888/RESTWCFServiceLibrary/Vendors?Tenant=%22TenantID
- http://myserver:8888/RESTWCFServiceLibrary/Fulfillments/Customer?Tenant=abcdefg&status=D&id=33
- http://myserver:8888/RESTWCFServiceLibrary/Fulfillments/Customer?Tenant=abcdefg&status=O&id=33
- http://myserver:8888/RESTWCFServiceLibrary/Fulfillments/Id?Tenant=abcdefg&id=10002190
- http://myserver:8888/RESTWCFServiceLibrary/Fulfillments/ShipDate?Tenant=abcdefg&status=D&date=2017-10-01
- http://myserver:8888/RESTWCFServiceLibrary/Fulfillments/ShipDate?Tenant=abcdefg&status=O&date=2017-10-01
- http://myserver:8888/RESTWCFServiceLibrary/Fulfillments/ShipDateRange?Tenant=abcdefg&status=D&startdate=2017-10-01&enddate=2017-10-01
- http://myserver:8888/RESTWCFServiceLibrary/Fulfillments/ShipDateRange?Tenant=abcdefg&status=O&startdate=2017-10-01&enddate=2017-10-01
- http://myserver:8888/RESTWCFServiceLibrary/Fulfillments/UpdateDate?Tenant=abcdefg&status=D&date=2017-10-01
- http://myserver:8888/RESTWCFServiceLibrary/Fulfillments/UpdateDate?Tenant=abcdefg&status=O&date=2017-10-01
- http://myserver:8888/RESTWCFServiceLibrary/Fulfillments/UpdateDateRange?Tenant=abcdefg&status=D&startdate=2017-10-01&enddate=2017-10-01
- http://myserver:8888/RESTWCFServiceLibrary/Fulfillments/UpdateDateRange?Tenant=abcdefg&status=O&startdate=2017-10-01&enddate=2017-10-01
- http://testemail.com
- http://www.site.com
- https://localhost:8888/RESTWCFServiceLibrary/Categories/ACC?Tenant=%22TenantID
- https://localhost:8888/RESTWCFServiceLibrary/Fulfillments?Tenant=%22TenantID
- https://server.com:8888/RESTWCFServiceLibrary/
- https://server.com:8888/RESTWCFServiceLibrary/Categories/ACC?Tenant=
- https://server.com:8888/RESTWCFServiceLibrary/Categories/ACC?Tenant=%22TenantID
- https://server.com:8888/RESTWCFServiceLibrary/Collections/SOL?Tenant=
- https://server.com:8888/RESTWCFServiceLibrary/Collections/SOL?Tenant=%22TenantID
- https://server.com:8888/RESTWCFServiceLibrary/Customers/000000000001?Tenant=
- https://server.com:8888/RESTWCFServiceLibrary/CustomersByUpdateDate/2017-10-11?Tenant=
- https://server.com:8888/RESTWCFServiceLibrary/CustomersByUpdateDateRange/2017-11-01/2017-11-en-US
- https://server.com:8888/RESTWCFServiceLibrary/Fulfillments?Tenant=
- https://server.com:8888/RESTWCFServiceLibrary/InventoriesByCategory/AFC?Tenant=%22TenantID
- https://server.com:8888/RESTWCFServiceLibrary/InventoriesByVendor/ASHLEY?Tenant=%22TenantID
- https://server.com:8888/RESTWCFServiceLibrary/InventoriesByVendoren-US
- https://server.com:8888/RESTWCFServiceLibrary/Locations?Tenant=
- https://server.com:8888/RESTWCFServiceLibrary/Locations?Tenant=%22TenantID
- https://server.com:8888/RESTWCFServiceLibrary/Packages/P5700?Tenant=
- https://server.com:8888/RESTWCFServiceLibrary/Packages/P5700?Tenant=%22TenantID
- https://server.com:8888/RESTWCFServiceLibrary/Products/000000053620?Tenant=
- https://server.com:8888/RESTWCFServiceLibrary/ProductsByDescription/ASHLEYen-US
- https://server.com:8888/RESTWCFServiceLibrary/ProfitCenters/1?Tenant=
- https://server.com:8888/RESTWCFServiceLibrary/ProfitCenters/1?Tenant=%22TenantID
- https://server.com:8888/RESTWCFServiceLibrary/PurchaseOrder/450?Tenant=
- https://server.com:8888/RESTWCFServiceLibrary/PurchaseOrder/450?Tenant=%22TenantIDt
- https://server.com:8888/RESTWCFServiceLibrary/PurchaseOrderDueDate/2021-11-01/2021-11-30?Tenant=
- https://server.com:8888/RESTWCFServiceLibrary/PurchaseOrderDueDate/2021-11-01/2021-11-30?Tenant=%22TenantID
- https://server.com:8888/RESTWCFServiceLibrary/PurchaseOrderItem/000000055510?Tenant=
- https://server.com:8888/RESTWCFServiceLibrary/PurchaseOrderItem/000000055510?Tenant=%22TenantID%22%0d
- https://server.com:8888/RESTWCFServiceLibrary/PurchaseOrderUpdateDate/2021-11-01/2021-11-30?Tenant=
- https://server.com:8888/RESTWCFServiceLibrary/PurchaseOrderUpdateDate/2021-11-01/2021-11-30?Tenant=%22TenantID
- https://server.com:8888/RESTWCFServiceLibrary/PurchaseOrderVendor/
- https://server.com:8888/RESTWCFServiceLibrary/Salespersons/JK1?Tenant=
- https://server.com:8888/RESTWCFServiceLibrary/Salespersons/JK1?Tenant=%22TenantID
- https://server.com:8888/RESTWCFServiceLibrary/Styles/JK1?Tenant=
- https://server.com:8888/RESTWCFServiceLibrary/Styles/JK1?Tenant=%22TenantID
- https://server.com:8888/RESTWCFServiceLibrary/Vendors/ASHLEY?Tenant=
- https://server.com:8888/RESTWCFServiceLibrary/Vendors?Tenant=
- Show all

Sharing

General

Malware Config

Signatures

Files

Password: infected