General
-
Target
Payment Receipt.pdf
-
Size
12KB
-
MD5
c0ea2b7f6bf171a17c59741c591d926a
-
SHA1
59efad4bd566dd48ebe8ff95273ae81902463b59
-
SHA256
53b187093d75f15b8ec28758ed437b96e4adcfc98f59458372beb731385fdcaa
-
SHA512
74fe2627db9d9a0cefe814f9b7a909fb544d1d150ac952df3a146d7005f56d54ca0410705001a3f032dfda2e4b2bba348fa82d010dba5271a32cdd62c743f967
-
SSDEEP
384:ZR/LJ1vKuCLqb4qqjRInyXoeiFw8hDL7zffupUJSaV:ZR/91aeb4qqVInzFw89LHffIUJSaV
Malware Config
Signatures
-
HTTP links in PDF interactive object 1 IoCs
Detects HTTP links in interactive objects within PDF files.
-
One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
Files
-
Payment Receipt.pdf
-
https://a.rs6.net/1/pc?ep=da50e80498ba95c3IXZN_NuecaqDT1xlSuW9tyx5jqnkWu3BJiGkeGzo46Eup6Y7vbSg6jLm1H_1tTGxxDBIgyn32sY7YtCwqNKnlLzIdFslPfjlfbQ8gRY1kxeB3f7V2NsSPN19KGnZsW72SIfr21OTaWdtvNxclbJDfWRDg2lgX34bDDxdQ-TaZFRXYlVtWKEtUBZxatGsTwHiwgm7Utj8AQOZYllbUgzouQ&c=$%7bContact.encryptedContactId%7d
-
https://blue-oceans.net/doc_payment/adobesecured.html
-