General
-
Target
fa00c4c537869a3fb3f0952fb6443d85_JaffaCakes118
-
Size
365KB
-
MD5
fa00c4c537869a3fb3f0952fb6443d85
-
SHA1
996c15ff2bc6e8307b9eceb03643e3f3843b185a
-
SHA256
54c0057423bf706264ca09d881a60672d648f4d49b5c9c48abad28d7e95d9efd
-
SHA512
8094a5816f5e06557e10cba1c5d7c9ba5ab1ccc7f6697e6a86221166085b5ae236ad4b265faef35b69ba5c715eb6a965d6b2545ebb0a75153af76fe1b2e6f53e
-
SSDEEP
6144:6JCkwXDvy83hhu4FTDzqM1ObYKZARn6lI+r+qX3GxUfIOfhve6rA36h9NqUT4HCk:pkYhxL9taTZe6lIw+qSU7hWeAGNqUcHz
Malware Config
Signatures
-
One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
Files
-
fa00c4c537869a3fb3f0952fb6443d85_JaffaCakes118
-
http://botcraftman.ru/?lip&keyword=%D1%81%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C+%D0%B8%D0%B3%D1%80%D1%83+%D1%85%D0%B8%D1%82%D0%BC%D0%B0%D0%BD+3+%D1%87%D0%B5%D1%80%D0%B5%D0%B7+%D1%82%D0%BE%D1%80%D1%80%D0%B5%D0%BD%D1%82+%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE&charset=utf-8
-
http://img1.liveinternet.ru/images/attach/c/7//4751/4751592_russkiy__yazuyk__7_.pdf
-
http://img1.liveinternet.ru/images/attach/c/7//4751/4751727_scenariy__den__rozhdeniya_.pdf
-
http://img1.liveinternet.ru/images/attach/c/7//4751/4751791_goluye__devochki__7_.pdf
-