General
Target: PW_infected_Cumminscederberg-In-Service Agreement_pdf.zip
Size: 85KB
Sample: 241213-qf33js1mek
MD5: 86dcf0cc8a18e7d3612199a55b291f98
SHA1: 6999828c81da5d37fa44e71f21459f46922e6856
SHA256: 764f1d923c530126c9e4b1b214fe349387a49c68f93d6724ba46b4dfb63e0153
SHA512: c05353b772788a5250677f508f72aed03883ec199592f9e165907fd49ec647126d0b5e9eb81b5f8fbb04fe936b7306bb14028b3d66b9b12cf43f4de402a492df
SSDEEP: 1536:FdPH5Nbqbaxa3248O4zcjcAt+pXdHx1exxHjkzu6OVuRrJJJ8sLQhaE:hNGB24B4AIAtOlxQfVu3JNW
Malware Config
Targets
Target: Cumminscederberg-In-Service Agreement.pdf
Size: 96KB
MD5: 539a74eb54b16527b26843d67c78066c
SHA1: 24bcdd9d108159175da1fca4927d73a09a5435dd
SHA256: bb7a706618ce2ae0e544cd69f45af9be0ccba23674c91509d88e68df2d2fce89
SHA512: a59d0d6659a142b3b39b1520065163cc0d6f3cd6d21d45ba9b3325f88c91229d71b9b07e31f130b57b5545765bd7e475bfef60fdcf7aee87cccf7f683ab84210
SSDEEP: 3072:bEUZMkDIp5x2FiL3MKu0cvMYPWmSSnk9Vw3p:5Mk0p5xH7z/5mSr0
A potential corporate email address has been identified in the URL: [email protected]

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.