attachment (29)[.]eml | Triage

Resubmissions

27-06-2024 20:03

240627-yswg8sxhpd 5

27-06-2024 19:48

240627-yjd7lazcrk 5

Sharing

General

Target

attachment (29).eml
Size

116KB
MD5

fe407d01a19194a642294ec99b0c23c6
SHA1

1ca587382f37aeb70297f8f82d43af84d8ae9ab0
SHA256

91bfe5e988ea4c687abb113b1a0375e190aecf4be29e03de7e9797830c5c8f71
SHA512

5c61e55ebe2f7cf5e7fc85362a8d15c1924984fa8adbc010ba844392fd820dd3f1bfa4067d311c9375eb469cbc06a18c2f1eedb929834384cbc8b039b7e0aacd
SSDEEP

3072:4NtjD1viuN1ImVec3/AHsZy9o57ClHUqBLKa:4Ntj5vRN1HB3/V5AH5NP

Score

4^/10

Malware Config

Signatures

HTTP links in PDF interactive object 1 IoCs
Detects HTTP links in interactive objects within PDF files.
pdf link

Processes:

resource yara_rule

static1/unpack001/Dentons_SKM_C590368369060_417161.pdf.pdf pdf_with_link_action
One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
pdf link

Files

attachment (29).eml
.eml
Dentons_SKM_C590368369060_417161.pdf.pdf
.pdf
- http://dentons.com
- http://docusign.com
- https://s%65c%75r%65%2e%61dnxs%2ecom/clktrb?id=273568&redir=https://c%65rr%6fs%65ns%65%61f%6f%6fd%2ecom/?rvqbrxli&qrc=d%6fck%65t%2eg%65n%65r%61l%2el%69t%2echi@d%65nt%6fns%2ecom
email-html-1.txt
.html