General
-
Target
ea3922cb06ed535dd0690dadea14c2c3_JaffaCakes118
-
Size
364KB
-
MD5
ea3922cb06ed535dd0690dadea14c2c3
-
SHA1
cdf2a3b2471a6ffca559d81c97a02f323e2e3a2a
-
SHA256
ae539a56cf06ea53a1a884553a8f0e020cc72ca5abbf0bc22ff552077123d397
-
SHA512
f1afcfdea6de2910dd6ac7cfcaa0dc89a8845029df45426b09719bcac81be303ba5a9ca009f30ce4d9d0e81356a813026057e5a66b827f10ae20c2cdca6624fe
-
SSDEEP
6144:8I35ektDsMrj4UTlO+ZU1oTrq9A7PtqmBZrY5689Jgjx4UzpeMyuR70HNRgTF:8IpektDPw+ZlrqWPY15F3gjxpeMyuRAa
Malware Config
Signatures
-
One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
Files
-
ea3922cb06ed535dd0690dadea14c2c3_JaffaCakes118
-
http://botcraftman.ru/?lip&keyword=%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C+%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%D0%BF%D0%BB%D0%B5%D0%B5%D1%80+%D0%BD%D0%B0+%D0%BA%D0%BE%D0%BC%D0%BF+%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE&charset=utf-8
-
http://img1.liveinternet.ru/images/attach/c/7//4817/4817457_kak__vosstanovit__windows_.pdf
-
http://img1.liveinternet.ru/images/attach/c/7//4817/4817559_gorono__ozersk__yelektronnuyy_.pdf
-
http://img1.liveinternet.ru/images/attach/c/7//4817/4817974_plan__vospitatelnoy__rabotuy_.pdf
-