General
-
Target
787b1f5f7db9e50cb993d7907dc11cf4_JaffaCakes118
-
Size
187KB
-
MD5
787b1f5f7db9e50cb993d7907dc11cf4
-
SHA1
1d10a9cb912755c9aff10575793b180ccedbb8e0
-
SHA256
cec84a7c5db877749595c0a649370119757d936857477ec7994ab4edb81a8ca9
-
SHA512
747eedc9bb63c1d893852ea90f16ebf16670fbd52b6a0a9349f23ed330d2e497e99aa46a9f8845db17792d4455928ca5d1be2d0801086c823f39ef3b59c77a00
-
SSDEEP
3072:x2irbxzGAFYDMxud7fKg3dXVmbOn5u66KjnnQGXVmWCzwM1umcy1GaD5PMSE:x2MKlWQ7Sg3d4bO3QGlm7uaM
Malware Config
Signatures
-
One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
Files
-
787b1f5f7db9e50cb993d7907dc11cf4_JaffaCakes118
-
http://botcraftman.ru/?lip&keyword=hyperterminal+%D0%B4%D0%BB%D1%8F+windows+7+%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B0%D1%8F+%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D1%8F+%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C+%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE&charset=utf-8
-
http://fastpic.ru/
-
http://img0.liveinternet.ru/images/attach/c/5//4196/4196110_doverennost_ot_ip_na_fiz_lico_blank_skachat.pdf
-
http://img0.liveinternet.ru/images/attach/c/5//4196/4196223_pozdravitelnuyy_adres_shablon.pdf
-
http://img1.liveinternet.ru/images/attach/c/5//4203/4203471_sobaka_ebet_babu_onlayn.pdf
-
http://www.liveinternet.ru/click
-