General
-
Target
31a92e9897841805746db8f66823cf91_JaffaCakes118
-
Size
351KB
-
MD5
31a92e9897841805746db8f66823cf91
-
SHA1
9048912dfd3098f9ddf67d915a1715f9f1a07e41
-
SHA256
7c2842fed21c71e5609dbacf5ab2ee801f08c47300dd0ea60ada075b0cf27d79
-
SHA512
042b9a57f17bcebfc511fb86a711f5d1fbffd9d3f871fd9544e2744f7568d227663ae4868131836102d00836dd4e93ade710e3b9cde5dc470aa00504cf480252
-
SSDEEP
6144:Qh11RD3whJFDhFk0Y8k93ng0K2orJm3sBshkJrRxm29JQNdEQsbO212J40:yD3Kr9FkPhZ6Ds8VxmDdrsbOk0
Malware Config
Signatures
-
One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
Files
-
31a92e9897841805746db8f66823cf91_JaffaCakes118
-
http://botcraftman.ru/?lip&keyword=%D1%80%D0%B8%D0%BD%D0%B0%D1%82+%D0%B2%D0%B0%D0%BB%D0%B8%D1%83%D0%BB%D0%BB%D0%B8%D0%BD+%D0%B2+%D0%BA%D0%B0%D0%B6%D0%B4%D0%BE%D0%BC+%D0%BC%D0%BE%D0%BB%D1%87%D0%B0%D0%BD%D0%B8%D0%B8+%D1%81%D0%B2%D0%BE%D1%8F+%D0%B8%D1%81%D1%82%D0%B5%D1%80%D0%B8%D0%BA%D0%B0+%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C+fb2&charset=utf-8
-
http://img0.liveinternet.ru/images/attach/c/7//4802/4802391_raspisanie__avtobusov__sarapul_.pdf
-
http://img0.liveinternet.ru/images/attach/c/7//4802/4802405_skachat__oki__dlya_.pdf
-
http://img0.liveinternet.ru/images/attach/c/7//4802/4802653_skachat__warcraft__3_.pdf
-