General
-
Target
attachment (29).eml
-
Size
116KB
-
MD5
fe407d01a19194a642294ec99b0c23c6
-
SHA1
1ca587382f37aeb70297f8f82d43af84d8ae9ab0
-
SHA256
91bfe5e988ea4c687abb113b1a0375e190aecf4be29e03de7e9797830c5c8f71
-
SHA512
5c61e55ebe2f7cf5e7fc85362a8d15c1924984fa8adbc010ba844392fd820dd3f1bfa4067d311c9375eb469cbc06a18c2f1eedb929834384cbc8b039b7e0aacd
-
SSDEEP
3072:4NtjD1viuN1ImVec3/AHsZy9o57ClHUqBLKa:4Ntj5vRN1HB3/V5AH5NP
Malware Config
Signatures
-
HTTP links in PDF interactive object 1 IoCs
Detects HTTP links in interactive objects within PDF files.
Processes:
resource yara_rule static1/unpack001/Dentons_SKM_C590368369060_417161.pdf.pdf pdf_with_link_action
Files
-
attachment (29).eml.eml
-
Dentons_SKM_C590368369060_417161.pdf.pdf.pdf
-
http://dentons.com
-
http://docusign.com
-
https://s%65c%75r%65%2e%61dnxs%2ecom/clktrb?id=273568&redir=https://c%65rr%6fs%65ns%65%61f%6f%6fd%2ecom/?rvqbrxli&qrc=d%6fck%65t%2eg%65n%65r%61l%2el%69t%2echi@d%65nt%6fns%2ecom
-
-
email-html-1.txt.html