General
-
Target
9f65cbce8e78ba785716ebae5ecbeb6a_JaffaCakes118
-
Size
368KB
-
MD5
9f65cbce8e78ba785716ebae5ecbeb6a
-
SHA1
a78d66392cdc71236a4546962de2bb9e1a8c7ec0
-
SHA256
21969359a4bccdff3b73a71f7a2096276ec4b41fea8d2e02239635049bb940a7
-
SHA512
c0c9d2e79b761ebe7bf11520b3ac1f3962f28290dfcfcbc33fbf2dde12197f1c0eb9cd7c475aed1225c12c7001145d31828c8d52459142ec55701fcdda9fcabf
-
SSDEEP
6144:SSBxTV2gS6ExEm/QEla8eWE4tsmUFWPy1QFcfC/FHNLvL6pRm8p6l+0Q:SwpV2gS6E2kJSW1KqFHt6pElU
Malware Config
Signatures
-
One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
Files
-
9f65cbce8e78ba785716ebae5ecbeb6a_JaffaCakes118
-
http://botcraftman.ru/?lip&keyword=%D1%82%D0%B5%D0%BB%D0%B5%D1%84%D0%BE%D0%BD%D0%BD%D1%8B%D0%B9+%D1%81%D0%BF%D1%80%D0%B0%D0%B2%D0%BE%D1%87%D0%BD%D0%B8%D0%BA+%D0%B4%D0%BE%D0%BC%D0%B0%D1%88%D0%BD%D0%B8%D1%85+%D1%82%D0%B5%D0%BB%D0%B5%D1%84%D0%BE%D0%BD%D0%BE%D0%B2+%D0%B8%D0%B6%D0%B5%D0%B2%D1%81%D0%BA%D0%B0&charset=utf-8
-
http://img0.liveinternet.ru/images/attach/c/6//4654/4654726_svodnaya_vedomost_po_zarplate_blank.pdf
-
http://img0.liveinternet.ru/images/attach/c/6//4654/4654797_opisanie_obekta_zakupki_po_44fz_obrazec.pdf
-
http://img0.liveinternet.ru/images/attach/c/6//4654/4654914_windows_8_64_bit_originalnuyy_obraz_torrent.pdf
-