General
-
Target
f704a14a78316de26a9e0b1beed3963d_JaffaCakes118
-
Size
185KB
-
MD5
f704a14a78316de26a9e0b1beed3963d
-
SHA1
08103c74e10dddb3da5d8d1ea504ab09da694432
-
SHA256
22b9536779e3e3349e4e9e91aea5bcc75a2559e9971a6f14ab272f21711626a5
-
SHA512
9da39bc66aa8005906d10468ce6646f774c2beece33ace5c85164c3aa6337bae293c793745c081a54de3b485641c304568888d004f88c4cd685a86ec701a6313
-
SSDEEP
3072:H2irbxzGAFYDMxud7fKg3dXVmbOn5uI6KjnnQrq+ymFDhH21yvmw5lFTSr:H2MKlWQ7Sg3d4bOpQO+zVg
Malware Config
Signatures
-
One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
Files
-
f704a14a78316de26a9e0b1beed3963d_JaffaCakes118
-
http://botcraftman.ru/?lip&keyword=%D0%B0%D0%BB%D0%B5%D0%BA%D1%81%D0%B5%D0%B9+%D0%B1%D1%80%D1%8F%D0%BD%D1%86%D0%B5%D0%B2+%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C+%D1%82%D0%BE%D1%80%D1%80%D0%B5%D0%BD%D1%82+%D0%B2%D1%81%D0%B5+%D0%B0%D0%BB%D1%8C%D0%B1%D0%BE%D0%BC%D1%8B&charset=utf-8
-
http://fastpic.ru/
-
http://img0.liveinternet.ru/images/attach/c/5//4184/4184364_prohozhdenie_stalker_zateryannuyy_mir.pdf
-
http://img0.liveinternet.ru/images/attach/c/5//4184/4184882_skachat_kontakt_master_polnuyu_versiyu_dlya_vzloma.pdf
-
http://img0.liveinternet.ru/images/attach/c/5//4184/4184980_finereader_80_kod_aktivacii.pdf
-
http://www.liveinternet.ru/click
-