Overview

overview

4

Static

static

4

Invoice-INV05738.pdf

windows7-x64

3

Invoice-INV05738.pdf

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    17e75ff3-9c60-4c60-b714-c6474bdb1ca7.eml

  • Size

    103KB

  • MD5

    472f8a971c3a13ed2577b45261873cd2

  • SHA1

    a2af3cd39fa2e6588a9e72d7cc37195d442636da

  • SHA256

    fddad28e430e3c3ff89d010071e7b21302b610b98a9058ecb027beb5fc8e9fdf

  • SHA512

    f8a1194f14e3f80cad62867a9a2bc4c24319e6840cf18190b7cd04dc899fcdc985ffa2987d32bf4b3fd9402f6d9ffdf4a18e91ecd933ac5bc86358bd932a8d4c

  • SSDEEP

    1536:1HT3nVHtw9yG0cuDSBrLd+Tb6W2PP56Czz0jWqGh9A5jtZx/MLrXyomPzT:1HT35tZG0cu6I+W2XgCzAC5hOjlMnQ3

Score
4/10
pdflinkqr

Malware Config

Signatures

  • PDF has QR code that contains a HTTP URL

    PDFs with URL QR codes are often used for phishing

    pdfqr
  • One or more HTTP URLs in PDF identified

    Detects presence of HTTP links in PDF files.

    pdflink

Files

  • 17e75ff3-9c60-4c60-b714-c6474bdb1ca7.eml
    .eml

    Password: Volv0V90rdes!gn

  • Invoice-INV05738.pdf
    .pdf

    Password: Volv0V90rdes!gn

  • email-html-2.txt
  • email-plain-1.txt