Overview

overview

5

Static

static

3

phish_aler...2).eml

windows7-x64

5

phish_aler...2).eml

windows10-2004-x64

3

assetinsur...04.pdf

windows7-x64

3

assetinsur...04.pdf

windows10-2004-x64

3

email-html-2.html

windows7-x64

3

email-html-2.html

windows10-2004-x64

4

email-plain-1.txt

windows7-x64

1

email-plain-1.txt

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    phish_alert_sp2_2.0.0.0 (42).eml

  • Size

    48KB

  • MD5

    62e4f2cf6c114f0fdb1c7d3303d10b52

  • SHA1

    a3891281b8198e434af71ce935117dbb7eede38d

  • SHA256

    fcf6e70a425d0973a5a30a9c833097f15a25ebcf5856fef599bbbacdb9c8fc8c

  • SHA512

    9a26afde11ca9588b85e26c42a43bfd06bb1f13652c3c8509c798cf32a2c9a6e38dedd4384ec2ddb18827963c59f665fb6ed6f4174be14c3f2e8bc6808ef8711

  • SSDEEP

    768:Ve9xfQNz+HWc+k3Lgi3lJxCKSLZS02TxbyX85b7sPU9xhzprMWDqC:VmxfQNz+HWc+k8rnC1EZEbVrwC

Score
3/10
pdflink

Malware Config

Signatures

  • One or more HTTP URLs in PDF identified

    Detects presence of HTTP links in PDF files.

    pdflink

Files

  • phish_alert_sp2_2.0.0.0 (42).eml
    .eml

    Password: 1234

    • https://aka.ms/LearnAboutSenderIdentification

  • assetinsure.com-986477004.pdf
    .pdf

    Password: 1234

    • https://www.pdffiller.com/jsfiller-desk13/?traceparent=00-f9814e1039e92a78c1645041f8a10524-39aaf5ac1b59ed2e-00&flat_pdf_quality=high&isShareViaLink=1&lang=en&projectId=1807409632&richTextFormatting=true&jsf-page-rearrange-v2=true&jsf-redesign-full=true&jsf-fake-edit-embedded=true&isSkipEditorLoadFrequency=true&jsf-probability-70=true&jsf-socket-io=false&jsf-simplified-modes-iteration-1=true&jsf-offline-mode=false&jsf-fake-edit-stream-editing=false&routeId=d7d342dec96f2a43012827d85ef557b6#c44025449e1f45f3877856ab6f4b5404

  • email-html-2.txt
    .html
  • email-plain-1.txt