General
-
Target
2b6efdb19c3f5095330f51b58744ff93_JaffaCakes118
-
Size
362KB
-
MD5
2b6efdb19c3f5095330f51b58744ff93
-
SHA1
23488e994660008954fd675ba03d996aeb841514
-
SHA256
5433634b0ed5683717775df7eaed277ec708536ce6fde68fdfe1792219bd8586
-
SHA512
c397411c189bde2cb8934c6a90af081d8de6ab90924cd8aef669eb767669cd1eb42b8bd9f31f0451c04a0c8b7f632cf2279e3675547b69a06259a1d8c2aa36ed
-
SSDEEP
6144:nb9uVtVLTp4c6UEBaIznddstL+g96VrynUlvWbSwVokvEsQp5hGtc3r:nx2tVL14U0ddE+g9eMULwVokv3Uqq
Malware Config
Signatures
-
One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
Files
-
2b6efdb19c3f5095330f51b58744ff93_JaffaCakes118
-
http://botcraftman.ru/?lip&keyword=%D0%BF%D1%80%D0%BE%D1%85%D0%BE%D0%B6%D0%B4%D0%B5%D0%BD%D0%B8%D0%B5+%D0%B8%D0%B3%D1%80%D1%8B+%D0%BD%D0%B5%D0%BD%D1%81%D0%B8+%D0%B4%D1%80%D1%8E+%D0%BF%D1%80%D0%BE%D0%BA%D0%BB%D1%8F%D1%82%D1%8C%D0%B5+%D1%81%D1%82%D0%B0%D1%80%D0%BE%D0%B3%D0%BE+%D0%B7%D0%B0%D0%BC%D0%BA%D0%B0&charset=utf-8
-
http://img0.liveinternet.ru/images/attach/c/7//4772/4772152_server__terminalov__na_.pdf
-
http://img0.liveinternet.ru/images/attach/c/7//4772/4772642_goulmon__leviafan__skachat_.pdf
-
http://img1.liveinternet.ru/images/attach/c/7//4771/4771952_skachat__zhurnaluy__radio_.pdf
-