General
-
Target
966c586cd0a871d410c32ceef181747d_JaffaCakes118
-
Size
385KB
-
MD5
966c586cd0a871d410c32ceef181747d
-
SHA1
14ec62f498ce7db79bae03513451f8224c5379fe
-
SHA256
2f27fa175abf827e095958ac73f38c3dc9a3a9bb312911bfae6d5f00fd3fc7ea
-
SHA512
f85e90cd890e823357cfaae488f2c15aa44bd71396a666d370ef5cfe6bdf55df70438a625fb011111bf2461555cc8336effeff03fadb6eefcf0c0fceb20e5943
-
SSDEEP
6144:aO5Sts6QwvMIw7/2gAgIfHftysM2LnoBQAY3VrZcMAA0b8ccccHxsG+Yo1lYQ5F:95S6lwE//2jnLDACrZcI0GKY2F
Malware Config
Signatures
-
One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
Files
-
966c586cd0a871d410c32ceef181747d_JaffaCakes118
-
http://botcraftman.ru/?lip&keyword=%D1%80%D0%B0%D0%B1%D0%BE%D1%87%D0%B8%D0%B5+%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%D1%8B+%D0%BF%D0%BE+%D0%BC%D0%B0%D1%82%D0%B5%D0%BC%D0%B0%D1%82%D0%B8%D0%BA%D0%B5+5+%D0%BA%D0%BB%D0%B0%D1%81%D1%81+%D0%B2%D0%B8%D0%BB%D0%B5%D0%BD%D0%BA%D0%B8%D0%BD&charset=utf-8
-
http://img0.liveinternet.ru/images/attach/c/7//4802/4802438_kren__5__volt_.pdf
-
http://img0.liveinternet.ru/images/attach/c/7//4802/4802723_lullaby__of__birdland_.pdf
-
http://img0.liveinternet.ru/images/attach/c/7//4802/4802754_soset__u__konya_.pdf
-