General
-
Target
65f9c84b52a531d87a43ff3486e2ab4e_JaffaCakes118
-
Size
369KB
-
MD5
65f9c84b52a531d87a43ff3486e2ab4e
-
SHA1
2a11cc2adfee2c61bc6c0ea67ce5af2886fb2edb
-
SHA256
9faf2b38124ac233eb2b498ff9bb869106edc696590b8263018c3ed6c7cef4b3
-
SHA512
645fc388eb3d5340f8d68861dd2546354c82ba22479b8342f81be8d85f3ec776f4870e3aaff6703dee88f785c84c8ab183c3aa9af66a2e25270b7fe1aa4e86e6
-
SSDEEP
6144:62pkZ2t+lLvteBACl8P3kIXmKddm5pC+oAmvdw+T9PeK5Eifj1:DkZc+Jv0dWfkIX/65WvpR12ifR
Malware Config
Signatures
-
One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
Files
-
65f9c84b52a531d87a43ff3486e2ab4e_JaffaCakes118
-
http://botcraftman.ru/?lip&keyword=directx+112+%D0%B4%D0%BB%D1%8F+windows+81+x64+%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C+%D1%81+%D0%BE%D1%84%D0%B8%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%B3%D0%BE+%D1%81%D0%B0%D0%B9%D1%82%D0%B0&charset=utf-8
-
http://img0.liveinternet.ru/images/attach/c/6//4690/4690120_posledniy__boy__mayora_.pdf
-
http://img0.liveinternet.ru/images/attach/c/6//4690/4690468_zd__simulator_.pdf
-
http://img0.liveinternet.ru/images/attach/c/6//4690/4690653_notuy__dlya_.pdf
-