General
-
Target
ad1dd263cbb2eb5a9edac08ffc08cae7_JaffaCakes118
-
Size
355KB
-
MD5
ad1dd263cbb2eb5a9edac08ffc08cae7
-
SHA1
35993e98d207b279ed2c324e2b7d11b2425e1f29
-
SHA256
ca8e8a679460b756e62fde5a86d08910834dd26db30d1e8b686873fdee2406a8
-
SHA512
8387be134a6eb10cb6f7d3bd49bdc6b88b4284a55d8c13bf2653b1e838500cf5de158584f605d9ca32f8ccfbe2c7dbefa7ae58b3706c7f8d4adb8d9ccc310ca3
-
SSDEEP
6144:8wADuTvJ2jCIdgnlzCJ8UhfcI1qrQA1luS0WirJpV4S7B4+dlQitLV:8zCLkCogHeUVQBn397bdumR
Malware Config
Signatures
-
One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
Files
-
ad1dd263cbb2eb5a9edac08ffc08cae7_JaffaCakes118
-
http://botcraftman.ru/?lip&keyword=%D1%82%D0%B0%D0%B1%D0%BB%D0%B8%D1%86%D0%B0+%D1%81%D0%B8%D0%BD%D1%83%D1%81%D0%BE%D0%B2+%D0%B8+%D0%BA%D0%BE%D1%81%D0%B8%D0%BD%D1%83%D1%81%D0%BE%D0%B2+%D1%82%D0%B0%D0%BD%D0%B3%D0%B5%D0%BD%D1%81%D0%BE%D0%B2+30+45+60+120+135+150+90&charset=utf-8
-
http://img0.liveinternet.ru/images/attach/c/7//4802/4802464_forma__182n_.pdf
-
http://img0.liveinternet.ru/images/attach/c/7//4802/4802564_sensornoe__pianino__onlayn_.pdf
-
http://img1.liveinternet.ru/images/attach/c/7//4803/4803166_skachat__programmu__dlya_.pdf
-