General

  • Target

    b1d243972c95b38f49d1d15436c2a6fc.bin

  • Size

    36KB

  • MD5

    a206331c671983868e006baff23613af

  • SHA1

    1e9e634abfe126d7b0fbaa7b1297bf1253667d15

  • SHA256

    84e9e64f4e57e4f0652eb01acb59f53daf5608e6bcca988e6540261fbcbe1f79

  • SHA512

    9159f49af88706364bedb6846056439a340785c01e3b42fa35489c0b0e6316b9c353f370b55c8e5abcf1c95f6432665d33abe74d3d4b43c32831db025a09e91a

  • SSDEEP

    768:Nv0YAHaTziQSHf0m9vMGvQH67fAonsgrSsPjMzYP2KcvoVmvvyTjSaQTI:Nv0YOa35Sr9vMkQHjonfjMQ6oVuyyQ

Score
4/10

Malware Config

Signatures

  • PDF has QR code that contains a HTTP URL

    PDFs with URL QR codes are often used for phishing.

  • One or more HTTP URLs in PDF identified

    Detects presence of HTTP links in PDF files.

Files

  • b1d243972c95b38f49d1d15436c2a6fc.bin
    .zip

    Password: infected

  • af31d1ab43b5647b6000682c6fd6a139634c597533c9f23669aef3b88fd4f643.pdf
    .pdf

    Password: infected

    • https://ceo.ca/api/banner_redirect?channel=g&url=https://watercolorjourney.net/afew/ribs.html&banner=824