General
-
Target
df5af865913c0c2f5832f951a18f3a60_JaffaCakes118
-
Size
383KB
-
MD5
df5af865913c0c2f5832f951a18f3a60
-
SHA1
220fc8a463befe6263821927217a18f752640834
-
SHA256
c478427c1a01feba2b4606a7122c41523344080444f734b7832a3df10a6d8a8d
-
SHA512
ef1dbf618d8a34618d364d7706e08341dd74f408962a0459d2287aabc2e56adf3616422175f50c890cbdce0cd042744354479f698ac361abc394656fad33f6c2
-
SSDEEP
6144:aHOoNv9R1bViiD2JbevXvLCRZ19zuiPh3UL2ZB8ZG5qeh3SviTiH1mtbHlJ9TJV1:IOoPR1babe/vLCRpzuUh3Uqhqe5kmpTn
Malware Config
Signatures
-
One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
Files
-
df5af865913c0c2f5832f951a18f3a60_JaffaCakes118
-
http://botcraftman.ru/?lip&keyword=%D0%B2%D0%B5%D1%80%D0%BE%D0%BD%D0%B8%D0%BA%D0%B0+%D1%80%D0%BE%D1%82+%D1%82%D1%80%D0%B8%D0%BB%D0%BE%D0%B3%D0%B8%D1%8F+%D0%B4%D0%B8%D0%B2%D0%B5%D1%80%D0%B3%D0%B5%D0%BD%D1%82+%D0%B2%D1%81%D0%B5+%D0%BA%D0%BD%D0%B8%D0%B3%D0%B8+%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C+%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE&charset=utf-8
-
http://img0.liveinternet.ru/images/attach/c/6//4654/4654681_chit_na_bessmertie_v_payday_2.pdf
-
http://img0.liveinternet.ru/images/attach/c/6//4654/4654698_wetransfer_fayloobmennik_na_russkom_yazuyke.pdf
-
http://img0.liveinternet.ru/images/attach/c/6//4654/4654741_koduy_oshibok_na_opel_vektra_a.pdf
-