General
-
Target
RE Payment Note- chamado.msg
-
Size
307KB
-
MD5
9c5e07935cab28d7cc161b3f46e31800
-
SHA1
fe63aa2b2fbf07fd612dda2a273a17cd8619f66b
-
SHA256
b7933d793566a7d0df83054b6cc388db1ba4ca4a0c4e0480c195b514680befdf
-
SHA512
349f9dc4044e90219ab08b157ae7ca24885c837f359a54e92ae8f77129d960dc519de2028acf8ef7be870d4a7e81a831e9eec39caf0913cd499b385b9b20f2c4
-
SSDEEP
6144:MVAytz2H9GoBfzjWkLUb56JPcmWQke9497GuVo:MTzozjWkLUbVFFGa
Malware Config
Signatures
-
One or more HTTP URLs in qr code identified
Detects presence of HTTP links in QR codes.
Files
-
RE Payment Note- chamado.msg
-
http://caixaconsorcio.com.br
-
http://email.dealersites.com.br
-
http://office.com
-
http://www.caixaconsorcio.com.br
-
http://www.caixaconsorcio.com.br/
-
https://aka.ms/LearnAboutSenderIdentification
-
https://blogcaixaconsorcio.com.br
-
https://blogcaixaconsorcio.com.br/
-
https://mandrillapp.com/track/click/31304465/d4vi.perudosmadethat.com?p=eyJzIjoiRTU4NllqTDByYWltY1E2cXA3NlpiRTlLYnNzIiwidiI6MSwicCI6IntcInVcIjozMTMwNDQ2NSxcInZcIjoxLFwidXJsXCI6XCJodHRwczpcXFwvXFxcL2Q0dmkucGVydWRvc21hZGV0aGF0LmNvbVxcXC9vRUppd0xHblwiLFwiaWRcIjpcIjYwMTg3ZjA1N2NiMjQ4NGRhMzQ4Y2FkNGRkYzlmZTNkXCIsXCJ1cmxfaWRzXCI6W1wiNTE0OTM2OGIxZjM1MDc4ZjAzMTljNDljY2Q3MzZjMmRlM2ZlMzA5MFwiXX0ifQ
- Show all
-
-
Outlook-e55yxmgp.png
-
https://connect.gptw.info/certified-company?s=d38faf19-aeaa-4cf4-b4da-67fb4afe14f6
-
-
Outlook-fnncwzyl.png
-
Outlook-ww4dr5cs.png
-
Outlook-xjgxk5de.png
-
image001.png
-
image002.jpg
-
image011.png
-
image012.png
-
image013.png
-
image014.png
-
image015.png
-
image016.png
-
image017.png
-
image018.png
-
image019.png
-
image020.png