1a7a043fafd773726b8e0853a34af78e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1a7a043fafd773726b8e0853a34af78e_JaffaCakes118
Size

3.7MB
MD5

1a7a043fafd773726b8e0853a34af78e
SHA1

739f351a08a3d9ce2dd054b49351aaf6fa376e82
SHA256

d263478566ac5937bc0be540359542170c4673ffe17ef4238c4fdf7b32d4f396
SHA512

e83d6a9964916e213162f101dba576e5d3b37effacfb815d9c018a59e2ebf80ed894a73c835167bf206e39aaa7fc09007c14d4cbb66b5dd96784e058899fde7a
SSDEEP

98304:tMvJQ/sy7IhoVUpSaZMDuX3ostnLF05m4mefA1:g2E9pSaZMDe3vtLe5mga

Score

4^/10

pdf link

Malware Config

Signatures

HTTP links in PDF interactive object 1 IoCs

Detects HTTP links in interactive objects within PDF files.

pdf link

resource	yara_rule
sample	pdf_with_link_action

One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
pdf link

Files

1a7a043fafd773726b8e0853a34af78e_JaffaCakes118
.pdf
- http://funkyfilters.com/url/obfuscation/
- http://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1252798682&rver=5.5.4177.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&lc=1033&id=64855&mkt=en-US
- http://nutshellurl.com/
- http://sourceforge.net/projects/wampserver/files/WampServer%202/WampServer%202.0/WampServer2.0h.exe/download
- http://www.110mb.com/
- http://www.11mbit.de/
- http://www.35mb.com/
- http://www.9hz.com/
- http://www.Dz-HeLL.org/XXX.jpg
- http://www.asphost4free.com/
- http://www.ataja.es/
- http://www.canurl.com/
- http://www.curio.us/
- http://www.decenturl.com/
- http://www.dot.tk/
- http://www.dwarfurl.com/
- http://www.dz-hell.org/
- http://www.easyurl.net/
- http://www.eb2a.com/
- http://www.filebuffer.net/
- http://www.filecabi.net/free-video-hosting.html
- http://www.filesupload.com/
- http://www.fileupyours.com/
- http://www.freehostia.com/
- http://www.freeuploader.com/
- http://www.freeweb7.com/
- http://www.hyperurl.com/
- http://www.ix.lt/
- http://www.mediafire.com/?wuw121w5myt
- http://www.myfilestash.com/
- http://www.mytempdir.com/
- http://www.nanoref.com/
- http://www.opera.com/download/
- http://www.p2h.info/
- http://www.picapic.net/
- http://www.putfile.com/
- http://www.redirx.com/
- http://www.ripway.com/
- http://www.simurl.com/
- http://www.sqweebs.com/
- http://www.starturl.com/
- http://www.tighturl.com/
- http://www.titanichost.com/
- http://www.urlhawk.com/
- http://www.vbhacker.net/
- http://www.vbhacker.net/vb/index.php
- http://www.vbhacker.net/vb/t205971/
- http://www.webng.com/
- http://www.websamba.com/
- http://www.x.se/
- https://login.yahoo.com/config/login
- https://login.yahoo.com/config/mail?.src=ym&.intl=fr
- https://support.live.com/eform.aspx?productKey=wlidvalidation&ct=eformcs
- Show all