Overview

overview

4

Static

static

4

sharepointfile.pdf

windows11-21h2-x64

4

Sharing

Copy URL
Twitter E-mail

General

  • Target

    sharepointfile.pdf

  • Size

    190KB

  • MD5

    e4804f9f97f7a0c9c092539f8ac06a11

  • SHA1

    185bc9cec6baa09d521a36899c5b18a965cb8f83

  • SHA256

    2de28083629da048b98ad1ecefc368598458dc579a4e5436d2bdb96c4a8d230b

  • SHA512

    82add0a2e57f124835e1f2b1812ebfde74f53e08de30a85ebe21127e81a53f9108d63e2dbe15313a7542bc17f0b661f65a47d980c7def25b551e40463bddb539

  • SSDEEP

    3072:fIvOzW+/5/71FDBrE13RNawrvEBIA/F6dVX/ab3+trgtaDsslWWBUdXKxYvWTPu0:fIWC+/5/71F9g13hbGI3QbirgcsslTYw

Score
4/10
pdflinkqr

Malware Config

Signatures

  • HTTP links in PDF interactive object 1 IoCs

    Detects HTTP links in interactive objects within PDF files.

    pdflink
  • PDF has QR code that contains a HTTP URL

    PDFs with URL QR codes are often used for phishing

    pdfqr
  • One or more HTTP URLs in PDF identified

    Detects presence of HTTP links in PDF files.

    pdflink

Files

  • sharepointfile.pdf
    .pdf

    • https://secure.login.mobilityworks.cloud/vwklfccocebfmysughjfuzovidpvmjtbmirbekdwiijuvuaxbkbtfvciyuknfpzroeocidbmttrmyhwsjugvswyrepandzvdeuqhybqqtfsuqulncjtuzznrsbukjqdexicevopxkcvwrpsbuyaxmsdfufuwnjllpggbvovevzmlwmdohmbkthbxuhefudqncpusttafqprupzhaccthejnvxgegwkosmlljdajcthwsjefssjkycyqediidcwe/