OFI24-00184459 GFPU[.]zip | Triage

Submit
Reports

Overview

overview

4

Static

static

4

EXT24-00135005.pdf

windows7-x64

3

EXT24-00135005.pdf

windows11-21h2-x64

3

OFI24-0018...PU.pdf

windows7-x64

3

OFI24-0018...PU.pdf

windows11-21h2-x64

3

Sharing

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

EXT24-00135005.pdf

Resource

win7-20240903-en

windows7-x64

2 signatures

300 seconds

Behavioral task

behavioral2

Sample

EXT24-00135005.pdf

Resource

win11-20240802-en

windows11-21h2-x64

7 signatures

300 seconds

Behavioral task

behavioral3

Sample

OFI24-00184459 GFPU.pdf

Resource

win7-20240903-en

windows7-x64

2 signatures

300 seconds

Behavioral task

behavioral4

Sample

OFI24-00184459 GFPU.pdf

Resource

win11-20240802-en

windows11-21h2-x64

8 signatures

300 seconds

General

Target

OFI24-00184459 GFPU.zip
Size

231KB
MD5

b5fc76c7bf474a65e398838550f4dc7e
SHA1

d6ef26915abd6ee86c7ac76f8e37ff35e817b361
SHA256

e2b23e48734ba6dc5324316abdb6672cbba7478104547fc58761c6a76309f489
SHA512

756430405b6270064799b67a3cb09992f9e725880a77a14c7f0a586eb0dd9a0f42146cae6c3b71d24344a8491c19ccef7fccd22942121d8a4a95a110ce476d19
SSDEEP

6144:kyjnhZ9HiZ02JbTcsc37QAX3zwbzdWzqZn84fUCml9Or:Hjh7HiZXTGLJnzwnf84fU99Or

Score

4^/10

pdf link qr

Malware Config

Signatures

PDF has QR code that contains a HTTP URL
PDFs with URL QR codes are often used for phishing
pdf qr
One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
pdf link

Files

OFI24-00184459 GFPU.zip
.zip
EXT24-00135005.pdf
.pdf
OFI24-00184459 GFPU.pdf
.pdf
- http://tgi.com.co
- https://psqr.presidencia.gov.co/Publico/FindIndexWeb.aspx?rad=FfX9uysiwSxQyxIGpm%2FCGnzGuh9VSp2oSVAPBejZtkQ%3D&cod=ABR0T57zMwC8iwlKHGRhXQ%3D%3D

© 2018-2025

Terms | Privacy