Overview

overview

4

Static

static

4

Sra-Settlement.pdf

windows10-1703-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    original (2).eml

  • Size

    157KB

  • MD5

    67c1e125ec4117b04ab54e53902b3302

  • SHA1

    4c60555bd8ed48583327819b63de5b6545678a0a

  • SHA256

    f82e314cae6d1ec546f5dc24912ffcc8112a54c722ae5ec89038201c13b04ae9

  • SHA512

    d785b4d2c3f7c76caa0a3cbe3c8706086419ec791f6d7001619ed5c55d4f3598e8bb0d28a6fb0ba5d3190956ec16a40bd9881d32b640bb9bd4eef095d6173ace

  • SSDEEP

    1536:YPEUuEdu7QemXF9DNnUjkwwI7M0704ImBHrcvhbSUJzkfHHvnSMx+9+UCzFoAAD+:YPEUhKQemTlUx5njHCJkCMoMoHPj5XBy

Score
4/10
pdflinkqr

Malware Config

Signatures

  • PDF has QR code that contains a HTTP URL

    PDFs with URL QR codes are often used for phishing

    pdfqr
  • One or more HTTP URLs in PDF identified

    Detects presence of HTTP links in PDF files.

    pdflink

Files

  • original (2).eml
    .eml

    • https://adr.zoom.us/j/61813294898?pwd=YzZQd1ozblRvZHdyQzJ1em0wUnk2QT09

    • https://aka.ms/LearnAboutSenderIdentification

    • https://www.fasken.com/en/terms-of-use-email/.

    • https://www.fasken.com/fr/terms-of-use-email/.

  • email-html-2.txt
    .html
  • email-plain-1.txt
  • phish_alert_sp1_1.0.0.0.eml
    .eml

    • https://adr.zoom.us/j/61813294898?pwd=YzZQd1ozblRvZHdyQzJ1em0wUnk2QT09

    • https://aka.ms/LearnAboutSenderIdentification

    • https://www.fasken.com/en/terms-of-use-email/.

    • https://www.fasken.com/fr/terms-of-use-email/.

  • KQVYASXARXNNGA.png
    .png
  • Sra-Settlement.pdf
    .pdf
  • email-html-2.txt
    .html
  • email-plain-1.txt