bec23aadb201d402a3954afbab1978adc6b1ed64dbe624e8e3ed97d1fdcc923d | Triage

Sharing

General

Target

394-20200707-10-ACASIA.jar
Size

531KB
Sample

200708-f5pl7y8caj
MD5

26c6f659c2125ab80cfc4d162db74fea
SHA1

488336ba7784a88e8ab5ee683dc51e3f6fd9f4af
SHA256

bec23aadb201d402a3954afbab1978adc6b1ed64dbe624e8e3ed97d1fdcc923d
SHA512

e1f0099d19459b4eeeafad5d33adf3a79ed235ac0a1410f67f068e738cb8657f1fb42209f606ba4ffb674a04a3b3439e7771a5a4adcec0d80873b9b5b8790f2f

Score

7^/10

spyware

Malware Config

Targets

- Target
  
  394-20200707-10-ACASIA.jar
- Size
  
  531KB
- MD5
  
  26c6f659c2125ab80cfc4d162db74fea
- SHA1
  
  488336ba7784a88e8ab5ee683dc51e3f6fd9f4af
- SHA256
  
  bec23aadb201d402a3954afbab1978adc6b1ed64dbe624e8e3ed97d1fdcc923d
- SHA512
  
  e1f0099d19459b4eeeafad5d33adf3a79ed235ac0a1410f67f068e738cb8657f1fb42209f606ba4ffb674a04a3b3439e7771a5a4adcec0d80873b9b5b8790f2f
Score

7^/10

spyware
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2