General

  • Target

    dfe0dc185731f1ec19bac3303eb1830e_JaffaCakes118

  • Size

    126KB

  • MD5

    dfe0dc185731f1ec19bac3303eb1830e

  • SHA1

    bd63be666d16ee3f72c2ee7a1b9350c8f9cbdf8b

  • SHA256

    87136b978a3bd48adc9e8dfa4875407c80a462681961e202f1deabe5b5ff65cd

  • SHA512

    ab5fa4c17f58d309c556d61d7ff6dbb8a739cc08aea5fdbeef7b39c84c78d7648b15430702678d25b5940e0f00b8a582030e60f5cb2adbf890fb35e518682d31

  • SSDEEP

    3072:iLuQKp2W1jbbuwloWv15LWqiWlec9FtiK19p+1:fQKsW1r1cqigZ96

Score
3/10

Malware Config

Signatures

  • One or more HTTP URLs in PDF identified

    Detects presence of HTTP links in PDF files.

Files

  • dfe0dc185731f1ec19bac3303eb1830e_JaffaCakes118
    .pdf
    • http://www.americanexpress.com/Tracking?mid=HEALTUSE20151229301548309996T3&msrc=TMPLT-GCS&url=http://www.facebook.com/americanexpress

    • http://www.americanexpress.com/Tracking?mid=HEALTUSE20151229301548309996T3&msrc=TMPLT-GCS&url=http://www.twitter.com/americanexpress

    • http://www.americanexpress.com/Tracking?mid=HEALTUSE20151229301548309996T3&msrc=TMPLT-GCS&url=http://www.youtube.com/americanexpress

    • http://www.americanexpress.com/Tracking?mid=HEALTUSE20151229301548309996T3&msrc=TMPLT-GCS&url=https%3A%2F%2Fsync.americanexpress.com%2Ffoursquare%2FIndex%3Fextlink%3DUS-GNMA-4sqstatementmailervanity%26AspxAutoDetectCookieSupport%3D1

    • https://t.co/SXPUGcCOGS?americanexpress.com/mycleo3vlgmh1azzx7ejqxp9eo3vlgmh1azzx7ejqxp9eo3vlgmh1azzx7ejqxp9eo3vlgmh1azzx7ejqxp9