General
-
Target
142b789ccc8c88c068a9b82dbfb3e68a_JaffaCakes118
-
Size
370KB
-
MD5
142b789ccc8c88c068a9b82dbfb3e68a
-
SHA1
d805f65b37b27b059d41d07bcfa530e69652ff92
-
SHA256
0652df9a2c885a195d5917ed3c8342fba874be9c1215ac23e700e763f5a6c757
-
SHA512
bc38843b50f39c72dd2ae0f1a8f06f1baa0ceadbdf557123e01f72bfd868039ed069cb74908e43ca903b5a2574759898989605a0e10d68cf5dc89864c774fee1
-
SSDEEP
6144:cbXArSKB7Zhs1xIRT2Qqaw6lgHy/mc2cccH+NoKiVoG2TfyGOWIl:MAr71s74TDZwxHtzNMVoxOWIl
Malware Config
Signatures
-
One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
Files
-
142b789ccc8c88c068a9b82dbfb3e68a_JaffaCakes118
-
http://botcraftman.ru/?lip&keyword=%D0%B1%D0%B0%D0%B7%D0%B8%D1%81-%D0%BC%D0%B5%D0%B1%D0%B5%D0%BB%D1%8C%D1%89%D0%B8%D0%BA+80+%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C+%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE+%D0%BF%D0%BE%D0%BB%D0%BD%D1%83%D1%8E+%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D1%8E+%D1%82%D0%BE%D1%80%D1%80%D0%B5%D0%BD%D1%82&charset=utf-8
-
http://img0.liveinternet.ru/images/attach/c/6//4698/4698503_ubiycuy__smerti__dzheyms_.pdf
-
http://img1.liveinternet.ru/images/attach/c/6//4695/4695270_zvuki__ptic__skachat_.pdf
-
http://img1.liveinternet.ru/images/attach/c/6//4695/4695739_litvinovuy__v__svobodnom_.pdf
-