General
-
Target
6c20c467ba7fd5d3779c30bcd92ec9f1_JaffaCakes118
-
Size
357KB
-
MD5
6c20c467ba7fd5d3779c30bcd92ec9f1
-
SHA1
312ce18722b930d8b636b9f730b8042616912ea5
-
SHA256
cd894e4a03dcd84241a5cedba1f8f4160f1eca5cdd6f807d9ea2993f01dde46a
-
SHA512
33aebe5cb8e80ec8ce6490e669a93a9628c06e1092a39e67f77460f7dd3f39b54f7816a652540427c2ab18856d1438361afce671493dfabc506dc4b93d813024
-
SSDEEP
6144:vU0bNxaD3UvAP/WV3STcp6ukfF6DrMpE4xvdDNyvz/KCMX03nh59n/Fid:coNMLUAlcp/kIrUEAryvGk5E
Malware Config
Signatures
-
One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
Files
-
6c20c467ba7fd5d3779c30bcd92ec9f1_JaffaCakes118
-
http://botcraftman.ru/?lip&keyword=%D1%8D%D1%82%D0%BE%D1%82+%D0%BC%D0%B8%D1%80+%D0%BF%D1%80%D0%B8%D0%B4%D1%83%D0%BC%D0%B0%D0%BD+%D0%BD%D0%B5+%D0%BD%D0%B0%D0%BC%D0%B8+%D0%BD%D0%BE%D1%82%D1%8B+%D0%B4%D0%BB%D1%8F+%D1%84%D0%BE%D1%80%D1%82%D0%B5%D0%BF%D0%B8%D0%B0%D0%BD%D0%BE&charset=utf-8
-
http://img0.liveinternet.ru/images/attach/c/7//4802/4802428_skachat__dotu__676_.pdf
-
http://img0.liveinternet.ru/images/attach/c/7//4802/4802502_stalker__zov__pripyati_.pdf
-
http://img0.liveinternet.ru/images/attach/c/7//4802/4802609_proektuy__domov__s_.pdf
-