General
-
Target
d80ab10a62781d28cc69f9b8cf9f2650_NEIKI
-
Size
358KB
-
MD5
d80ab10a62781d28cc69f9b8cf9f2650
-
SHA1
d17b311df86dd96623701cd23b1ec0f1a57fcadd
-
SHA256
61c916c2b347197919cd3989eb071ce446cfe10094b085897b5e7c38b0c2bf78
-
SHA512
c1d868a292da601b76aab9d4333e690a44a0856f39fe37acb0bb85793dbe980eda642adcc1c6dec5849930c5573b5faefd3ad2d117241d079e852a0ed26bd011
-
SSDEEP
6144:GkEAA63l53XB5NmCQScoeiZa1ckxWKe38vCS+lfA1HnQZBkCXq:REAX3nhTJta1ckgKa86Jfn/Vq
Malware Config
Signatures
-
HTTP links in PDF interactive object 1 IoCs
Detects HTTP links in interactive objects within PDF files.
-
One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
Files
-
d80ab10a62781d28cc69f9b8cf9f2650_NEIKI
-
http://lib.aanet.ru/jirbis2/index.php?option=com_irbis&view=irbis&Itemid=418
-
http://science.guap.ru
-
http://www.consultant.ru
-
http://www.consultant.ru/
-
http://www.garant.ru/
-
https://clck.yandex.ru/redir/nWO_r1F33ck?data=NnBZTWRhdFZKOHQxUjhzSWFYVGhXYUVETW1PdmNaRHdZNFZ4c3hXM1dla21DTk5yZVBNVmpwTlhiRURSZGlid3BVWTlCRjhMaVpHSWF4UF85NGFZMUo1bnVRZWxnemdHR0RWRmp0bjFYOUk&b64e=2&sign=6eebbd4f1db331f530d71da5a6643efc&keyno=17
-
https://guap.ru/standart/doc
-