General
-
Target
e1b5c84cf7506f5e9326e19263b3a8e9610b62b13197cc673b6969a723eff63a
-
Size
1.7MB
-
MD5
9ee74ed6d6335109670da725cc5bec55
-
SHA1
ed8fae6baa19c03c94b801996700ee5c2d6108a7
-
SHA256
e1b5c84cf7506f5e9326e19263b3a8e9610b62b13197cc673b6969a723eff63a
-
SHA512
f64ceb0739e83b71f6a36260d9d9968bb6dc97383220415762d32918a1c672f9f5f229895667b7fb496966d62028055f00cbbfdf694463bc1728907862e1f2d8
-
SSDEEP
24576:CB5DZQKLysB36lehv4umxxUqMhHwR9RL8ehtzkth1gjyMHfu3QKpUJaNrs+FdP1d:CWKvB3Jb6HRpALeGT3QXQrssUYbp
Malware Config
Signatures
-
One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
Files
-
e1b5c84cf7506f5e9326e19263b3a8e9610b62b13197cc673b6969a723eff63a
-
https://www.intezer.com/blog-evilgnome-rare-malware-spying-on-linux-desktop-users/
-
https://netmarketshare.com/operating-system-market-share.aspx?options=%7B%22filter%22%3A%7B%22%24and%22%3A%5B%7B%22deviceType%22%3A%7B%22%24in%22%3A%5B%22Desktop%2Flaptop%22%5D%7D%7D%5D%7D%2C%22dateLabel%22%3A%22Trend%22%2C%22attributes%22%3A%22share%22%2C%22group%22%3A%22platform%22%2C%22sort%22%3A%7B%22share%22%3A-1%7D%2C%22id%22%3A%22platformsDesktop%22%2C%22dateInterval%22%3A%22Monthly%22%2C%22dateStart%22%3A%222018-07%22%2C%22dateEnd%22%3A%222019-06%22%2C%22segments%22%3A%22-1000%22%7D
-
https://w3techs.com/technologies/overview/operating_system/all
-
https://unit42.paloaltonetworks.com/unit-42-title-gamaredon-group-toolset-evolution/
-
https://x.threatbook.cn/nodev4/vb4/article?threatInfoID=1417
-
https://community.riskiq.com/search/gamework.ddns.net
-
https://community.riskiq.com/search/kotl.space
-
https://community.riskiq.com/search/clsass.ddns.net
-
https://github.com/megastep/makeself
- Show all
-