General
-
Target
f999b11d88737aaf83fdd250c5e47463_JaffaCakes118
-
Size
184KB
-
MD5
f999b11d88737aaf83fdd250c5e47463
-
SHA1
38d93b56487f40173c4bd650069f43cc021daa01
-
SHA256
9b79eb8ad341bd73949cb3622a542a9938450341268fe2143ccee68b10007677
-
SHA512
86ab778e9d0600462d93ca32d65fbab028d2bbc52868b45db4a9cd82989e6f92aacac9100b1708d291d45d1c10f86704af379ead262751f9d481fa1c3fa59a61
-
SSDEEP
3072:J2irbxzGAFYDMxud7fKg3dXVmbOn5uI6KjnyCsB116fyhFzbGy3qhz3WGOSc:J2MKlWQ7Sg3d4bOpRsBWqz/qJWr
Malware Config
Signatures
-
One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
Files
-
f999b11d88737aaf83fdd250c5e47463_JaffaCakes118
-
http://botcraftman.ru/?lip&keyword=%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%B9+%D1%80%D0%BE%D0%BA+%D0%BB%D1%83%D1%87%D1%88%D0%B5%D0%B5+%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C+%D1%82%D0%BE%D1%80%D1%80%D0%B5%D0%BD%D1%82&charset=utf-8
-
http://fastpic.ru/
-
http://img0.liveinternet.ru/images/attach/c/5//4184/4184712_aim_na_contract_wars.pdf
-
http://img0.liveinternet.ru/images/attach/c/5//4184/4184715_primeruy_nachisleniya_otpusknuyh_v_2015_godu.pdf
-
http://img0.liveinternet.ru/images/attach/c/5//4184/4184741_skachat_programmu_dlya_nakrutki_lyudey_v_gruppu_vkontakte.pdf
-
http://www.liveinternet.ru/click
-