Analysis
- max time kernel: 78s
- max time network: 145s
- platform: windows10_x64
- resource: win10
- submitted: 30-06-2020 07:06
Static task: static1

Behavioral task: behavioral1
- Sample: remittance.jar
- Resource: win7v200430, windows7_x64
- 0 signatures
- 0 seconds

Behavioral task: behavioral2
- Sample: remittance.jar
- Resource: win10, windows10_x64
- 0 signatures
- 0 seconds
General
- Target: remittance.jar
- Size: 450KB
- MD5: 9af6942aacb78d200bbd484b5bd76b3c
- SHA1: 4064b1da769053829069e392748867baccbc2147
- SHA256: 8edf2978921969e1d32c39297bf62862397a0b97773cfda07ef2e6ad73c7fc9c
- SHA512: 91761b8f70ae3c6e8a9451c38cb3565b1c0257e915b6257700efbe83da9e6e56fe0354b01096f2b5a575c0d12c3cd6e597b97974f7f3829afcf62e11deb2b6bc
Score
7/10
Malware Config
Signatures
- Reads user/profile data of web browsers (2 TTPs)
  Infostealers often target stored browser data, which can include saved credentials etc.
- Looks up external IP address via web service (1 IoCs)
  Uses a legitimate IP lookup service to find the infected system's external IP.
  Processes:
  flow  ioc
  16    bot.whatismyipaddress.com
- Loads dropped DLL (2 IoCs)
  Processes: java.exe
  pid   process
  3404  java.exe
  3404  java.exe