General
-
Target
0d5d32c86dff0f9a38d5e484db25f9e5_JaffaCakes118
-
Size
185KB
-
MD5
0d5d32c86dff0f9a38d5e484db25f9e5
-
SHA1
947e658a0e3a442d62730925b091a3b957ff318b
-
SHA256
dbcc6984531b3efc531af54ea47fcf34032d69f78f807d590e5ac64e2d026d48
-
SHA512
87ef6a0b5b5aeb75eba264c23b3168cd1c2f1465e1360048882a1c957fae6b3cf6f002764addecee2bf549ef8d55545af90e545d46a91cda47c2c579601f5012
-
SSDEEP
3072:x2irbxzGAFYDMxud7fKg3dXVmbOn5uE6Kjnf3iJn0spixC0RzMm4bGCqUw10JSL:x2MKlWQ7Sg3d4bOhfU8xRUaCS
Malware Config
Signatures
-
One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
Files
-
0d5d32c86dff0f9a38d5e484db25f9e5_JaffaCakes118
-
http://botcraftman.ru/?lip&keyword=%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C+%D0%BF%D0%B5%D1%81+2015+%D0%BD%D0%B0+%D0%B0%D0%BD%D0%B4%D1%80%D0%BE%D0%B8%D0%B4&charset=utf-8
-
http://fastpic.ru/
-
http://img0.liveinternet.ru/images/attach/c/5//4184/4184515_skachat_vse_albomuy_atb_cherez_torrent.pdf
-
http://img0.liveinternet.ru/images/attach/c/5//4184/4184618_otvetuy_na_biletuy_po_promuyshlennoy_bezopasnosti_rostehnadzor.pdf
-
http://img0.liveinternet.ru/images/attach/c/5//4184/4184668_ati_mobility_radeon_hd_4570_drayver_skachat.pdf
-
http://www.liveinternet.ru/click
-