← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Hidden in Plain Sight: PDF Mishing Attack
WHITE CyberHunter_NL 2025-02-04 Modified: 2025-02-04
727
IOCs
HIGH VOLUME
As part of our ongoing mission to identify emerging threats to mobile security, our zLabs team has been actively tracking a phishing campaign impersonating the United States Postal Service (USPS) which is exclusively targeting mobile devices. This campaign employs sophisticated social engineering tactics and a never-before-seen means of obfuscation to deliver malicious PDF files designed to steal credentials and compromise sensitive data.
Indicators of Compromise (24 / 727 total)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain hostname
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 08f67bb852c58e78e6fb3b463668eeed MD5 of e3dc7326ccf1433665c8ff4e4699f25f5d61fc77595458664204a99c396c1763 2025-02-04
FileHash-MD5 106e35ec5b4dea29097dc60c9ce03883 MD5 of e5527bff30c427e3f7a791b46f37ee34e2d84d68a08b10b515489fdbb69d6b33 2025-02-04
FileHash-MD5 1c5ed4aeacd42f50bc523984a4c9d2bb MD5 of 6ba2ed3c9da8b12e5b741188c5933ed9ba0dc33a6c4815192d46ef9af2e0e0a3 2025-02-04
FileHash-MD5 211c8c277c37dd534827870464ad6c2b MD5 of e0b0f22f7fb4509305759f4eaa33fe8a85a14e23088b939fc740653b15a2c76c 2025-02-04
FileHash-MD5 262017b7b49d84cff63691e39caa6dae MD5 of d3885e413df12a6afa7f4c01b31d9c874349b30f91dd1bfa0ec6921c542829d4 2025-02-04
FileHash-MD5 29933f6243891afa37349833ba5bad15 MD5 of b707c1ceb1fd97ddf9f9ca042a60d848603458342756a5911576b76d3b5df231 2025-02-04
FileHash-MD5 42cf2a32bdd6be478a4b370049d49fdb MD5 of a679d259028d6d4f7a5ef837ebcc6083d57ee58717665c2584f3a9f068a702c4 2025-02-04
FileHash-MD5 47c096718b341f81c7b0011b125c40a8 MD5 of 55e111166754ece010799467ba8698d7653ab8f97eef5865510527522f0c2788 2025-02-04
FileHash-MD5 577989bbfd720541675e4de6bbfbec6b MD5 of 926471dba00cab1c1be79360bf720370ef8354fc751f2e7d5e8b58430c8eb162 2025-02-04
FileHash-MD5 74162ed18de63dc9986811ac686e14bf MD5 of d3bbc4f53070cb336c44be7e078ef930bab4a3f91ff224379b8253eb4ad4a166 2025-02-04
FileHash-MD5 8060473914fc09cc6053f609711d3476 MD5 of ffb5981688d530dac544ef29e4bd593a50649919e79cb33c4f9f5929f571649d 2025-02-04
FileHash-MD5 8e19218ceea9a01672a9ae799e583f45 MD5 of 074901a5a9153bbc4783ae46eecf1ccb732a0bc7979c5e225d24b6593bde9ded 2025-02-04
FileHash-MD5 959e73316fecaed69182c17a394ab79f MD5 of 37df7d1ffab2ab1275c93aec786de86a6c9aebeb2643858ac8bb5c3500cdc4e8 2025-02-04
FileHash-MD5 95a7dbda10b37b6fad039323a0df70e0 MD5 of b489dd56b58d3e9a5b6c5159e814b5477f4d90ee871045181109aeb845c8a451 2025-02-04
FileHash-MD5 aa1bbaf5238e7261dbcafe4938658d32 MD5 of d08fdd767492f8f7fbf083d03fd937fb874738db24d16f15160a2714cdb9d8c0 2025-02-04
FileHash-MD5 aacd4dff32afa6cca46bf68e717d6ba1 MD5 of 512eccdc7ea0d140da1b36c6625fd60d328ded7ad9760cdd3ea7f6baa799bd57 2025-02-04
FileHash-MD5 bad17a349c9c00e24681f0039e190804 MD5 of febfba3b56611696e3904c6d7f8993d4542a57b9f8c2beeb5c190ce8f23266b2 2025-02-04
FileHash-MD5 bcd659f9c14ce62d26f0fdd3cf5a3b5f MD5 of e6bdd399e5b9734bd36f7f54e2449b670bd16c752689fbd2925f2fa0f566ecc5 2025-02-04
FileHash-MD5 ca3419b803e7cd03fcd1d23dc1406575 MD5 of a437de92861b01f4bdc8ee3bf6feffc67ffa7b7947c1e148ee506d95bc8ee0bf 2025-02-04
FileHash-MD5 cd733b46e4b0d7ac2f53a17a06876c62 MD5 of 3dfab3f302d8e78f6cdc8ca6acb64179e20c4bddb6540126cdac6fc27c42beee 2025-02-04
FileHash-MD5 d27a4a27c80ace2d8aa4cfca06cc5e37 MD5 of aa7633b45e5a36efce6aa7e0eb202eb2af2d9094c2256ed73e9c1ec9b707de38 2025-02-04
FileHash-MD5 e2f83221ed0ca28764a6a197e29a7ccf MD5 of 7849abc25f02a8f695d4050e08541dbe1eb6428fd250c4eba85909be9db9806b 2025-02-04
FileHash-MD5 e657f882a7cf6f6834de2e224c5c0208 MD5 of 18094c18806bbc2e2aa9c76fa036b5ff0fdde432b357d23e8cb14a800aead518 2025-02-04
FileHash-MD5 ff1bc3cc55fa7827ff7ffbbf91f93b38 MD5 of 31977f0d13c0dbfacce3b85eb8017552a0a42827a0bca973b998b3bd61fd02a8 2025-02-04
References (1)
↗ https://www.zimperium.com/blog/hidden-in-plain-sight-pdf-mishing-attack/