General
-
Target
d3f81774dea7f63f4b1dc83070dd7dc6_JaffaCakes118
-
Size
378KB
-
MD5
d3f81774dea7f63f4b1dc83070dd7dc6
-
SHA1
2b0ec4aec1619cd889c9033d072f3e04f2c569f6
-
SHA256
de0856711aa64b5c315bde0b1daf90a90995d3e7a787be64e54b518b635fb01e
-
SHA512
256a858746d26b3a666c15811c8ba320f2d58db0e590376d0e7608c99be6276808213442862bd7ca88a3c767bc3fc5a6025c22a1207d3d027226203a815ab733
-
SSDEEP
6144:osP9EFA0biIvVuHdKNLKPp+Yw0NhS5FzpweAGMkzRZ8JDAJz9At+yaYusGPVDANB:osP9EuciIu1pU0DpeAGvFZ8JDAFutvau
Malware Config
Signatures
-
One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
Files
-
d3f81774dea7f63f4b1dc83070dd7dc6_JaffaCakes118
-
http://botcraftman.ru/?lip&keyword=%D1%82%D0%B5%D0%B3%D0%B8+%D0%B4%D0%BB%D1%8F+%D1%81%D0%BA%D1%80%D0%B0%D0%BF%D0%B1%D1%83%D0%BA%D0%B8%D0%BD%D0%B3%D0%B0+%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C+%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE&charset=utf-8
-
http://img1.liveinternet.ru/images/attach/c/7//4751/4751503_redneck__rampage__skachat_.pdf
-
http://img1.liveinternet.ru/images/attach/c/7//4751/4751729_powerpoint__2010__skachat_.pdf
-
http://img1.liveinternet.ru/images/attach/c/7//4751/4751973_moy__kot__tom_.pdf
-