General
-
Target
0ee69023f18dc3790f8ba39b8e317919_JaffaCakes118
-
Size
381KB
-
MD5
0ee69023f18dc3790f8ba39b8e317919
-
SHA1
a6244896e3ca4e8c656d56370d56c74c56f6110c
-
SHA256
573ea7e828d363b0fb7298a9f7b56044afa08cf105bf6811e627ea4292b5cbd4
-
SHA512
c0ea4d5f87a776be2f5aed2aad5f842e92efea948d2a3d10e1fe3c8773e0ebc1c4378002ccfebadf76881c733fc7ff10275088946f6e90a856be290777ca620f
-
SSDEEP
6144:C9kxVyiZxraUSP9rJh5Hhuwp04Q1owmDpJ98N2Dy/SGNldn8FKKkT:C9kxVyiZMJP931UwSCpJP+/SMdn8AP
Malware Config
Signatures
-
One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
Files
-
0ee69023f18dc3790f8ba39b8e317919_JaffaCakes118
-
http://botcraftman.ru/?lip&keyword=%D1%80%D0%BE%D0%B1%D0%B5%D1%80%D1%82+%D0%BA%D0%B8%D0%B9%D0%BE%D1%81%D0%B0%D0%BA%D0%B8+%D0%BA%D0%B2%D0%B0%D0%B4%D1%80%D0%B0%D0%BD%D1%82+%D0%B4%D0%B5%D0%BD%D0%B5%D0%B6%D0%BD%D0%BE%D0%B3%D0%BE+%D0%BF%D0%BE%D1%82%D0%BE%D0%BA%D0%B0+%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C+%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE&charset=utf-8
-
http://img0.liveinternet.ru/images/attach/c/7//4818/4818089_supermen__2___.pdf
-
http://img0.liveinternet.ru/images/attach/c/7//4818/4818350_vneshnie__pechatnuye__formuy_.pdf
-
http://img1.liveinternet.ru/images/attach/c/7//4817/4817487_skachat__filmuy__besplatno_.pdf
-