General
-
Target
0959430aaf4a0bb7c4e8880d43607dd0_JaffaCakes118
-
Size
361KB
-
MD5
0959430aaf4a0bb7c4e8880d43607dd0
-
SHA1
3ece9081b6ceb711f43fe1a2921378535586c517
-
SHA256
72e971cd40f8d2515ba04b0c026528542f1790671870972339eb8dee84a54c54
-
SHA512
4fc16bc5a9dacd6208ae3b69339208ff373dd1caebd94bca0ce5b569afe9cda9690e661b2e4cce5908aab9cfcb2c28b3ed36d0cf525eae46a29953938e50c9eb
-
SSDEEP
6144:ZpKzWFgVss/TewOpyYYcXdkSK2CqU7+8cFi6eVJvDXiBRDA9Y:LEWqV/JWk32CP7+Li6YJLSBr
Malware Config
Signatures
-
One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
Files
-
0959430aaf4a0bb7c4e8880d43607dd0_JaffaCakes118
-
http://botcraftman.ru/?lip&keyword=%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C+%D1%87%D0%B8%D1%82%D0%B5%D1%80%D1%81%D0%BA%D1%83%D1%8E+%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%D1%83+%D0%B4%D0%BB%D1%8F+%D0%BC%D0%B0%D0%B9%D0%BD%D0%BA%D1%80%D0%B0%D1%84%D1%82+%D0%BD%D0%B0+%D0%B0%D0%BD%D0%B4%D1%80%D0%BE%D0%B8%D0%B4&charset=utf-8
-
http://img1.liveinternet.ru/images/attach/c/6//4725/4725186_vorobeva__tochechnaya__rospis_.pdf
-
http://img1.liveinternet.ru/images/attach/c/6//4725/4725309_programma__dlya__otkruytiya_.pdf
-
http://img1.liveinternet.ru/images/attach/c/6//4725/4725782_pochta__rossii__doverennost_.pdf
-