General
-
Target
6dc5bee3817d847812263cab3900a857_JaffaCakes118
-
Size
385KB
-
MD5
6dc5bee3817d847812263cab3900a857
-
SHA1
c0862c9cc198e5a98e7dca1ede4e1fff5927ce60
-
SHA256
bb45adaf6b602daf44a5398a2a5b58f9595f740364ab36585e3a9fc3f8513308
-
SHA512
85a76d2366b66f2ccfaca506eaab11d3b0f31450923e1c5c8a41dc3d7a41e0e5a5fd1d085d1e2933fd0db694ae05a9c14dfe8f5ed0b3437458b98939b5a447ea
-
SSDEEP
6144:3wojRSIUZO/xT43cH3RleX92ab+B6KMWm4mELkkCG8/j6bgyMboPvleY:gQS3MB43idaugBELkFGb89bE
Malware Config
Signatures
-
One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
Files
-
6dc5bee3817d847812263cab3900a857_JaffaCakes118
-
http://botcraftman.ru/?lip&keyword=%D0%BF%D0%BE%D0%BB%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%D0%B5+%D0%BE%D0%B1+%D0%BE%D0%BF%D0%BB%D0%B0%D1%82%D0%B5+%D1%82%D1%80%D1%83%D0%B4%D0%B0+%D0%BF%D1%80%D0%B8+%D0%BE%D0%BA%D0%BB%D0%B0%D0%B4%D0%BD%D0%BE-%D0%BF%D1%80%D0%B5%D0%BC%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D0%BE%D0%B9+%D1%81%D0%B8%D1%81%D1%82%D0%B5%D0%BC%D0%B5&charset=utf-8
-
http://img0.liveinternet.ru/images/attach/c/6//4654/4654862_yellai_pismo_tekst_pesni.pdf
-
http://img0.liveinternet.ru/images/attach/c/6//4654/4654875_kryak_dlya_nero_7.pdf
-
http://img0.liveinternet.ru/images/attach/c/6//4654/4654884_mefodiy_buslaev_tanec_mecha_skachat.pdf
-