General
-
Target
72e3cac38972d1dec1ec5e1affb0a6b0_JaffaCakes118
-
Size
185KB
-
MD5
72e3cac38972d1dec1ec5e1affb0a6b0
-
SHA1
16757073d1b65fa02fe7cb8f35717978fe2d78e6
-
SHA256
d7db2730a6767de2f78560070df4ed17f24dcd773efe7787dfbdf7392395f902
-
SHA512
068696b84c9dc5eddf36519b8243a6fcc8d8f6e7fc29cc2c2ae907e0e30ac6f588d1f5a4bd57a64a85d459ea41a91ddee0490305abda21bb594e0e2a9e433056
-
SSDEEP
3072:J2irbxzGAFYDMxud7fKg3dXVmbOn5uu6KjnH7hrHAFQev6jQS1ofNSc:J2MKlWQ7Sg3d4bOnNAuUSa
Malware Config
Signatures
-
One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
Files
-
72e3cac38972d1dec1ec5e1affb0a6b0_JaffaCakes118
-
http://botcraftman.ru/?lip&keyword=%D0%BF%D0%BB%D0%B0%D0%B3%D0%B8%D0%BD+%D0%B4%D0%BB%D1%8F+%D0%B0%D0%BD%D0%B4%D1%80%D0%BE%D0%B8%D0%B4%D0%B0+%D0%B4%D0%BB%D1%8F+%D0%BF%D1%80%D0%BE%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B0+%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE&charset=utf-8
-
http://fastpic.ru/
-
http://img0.liveinternet.ru/images/attach/c/5//4184/4184327_kupit_licenzionnuyy_maynkraft_za_10_rubley.pdf
-
http://img1.liveinternet.ru/images/attach/c/5//4183/4183202_kursovoy_proekt_po_ventilyacii.pdf
-
http://img1.liveinternet.ru/images/attach/c/5//4183/4183255_urok_informatiki_s_primeneniem_interaktivnoy_doski.pdf
-
http://www.liveinternet.ru/click
-