e2e7bb79269c7b3367b4ea7f96587a9bfc501d88b446181d13070788ba9bf543 | Triage

Sharing

General

Target

394-20200707-10-STRONGAS.jar
Size

426KB
Sample

200709-xa6lb6exce
MD5

f7d2e3baf446952c84c783d8dcb4ffb8
SHA1

ed5ae96da0f0a2a7f5ec6bd76de124b494f6f09f
SHA256

e2e7bb79269c7b3367b4ea7f96587a9bfc501d88b446181d13070788ba9bf543
SHA512

e7f34108476bd26e45aa88574e69922ddb5a83b6149a69b513b8321f739bae330665f737bd5702d4a16878eed86903e641535ed86f47c5d3f9818e933c4f8d44

Score

7^/10

spyware

Malware Config

Targets

- Target
  
  394-20200707-10-STRONGAS.jar
- Size
  
  426KB
- MD5
  
  f7d2e3baf446952c84c783d8dcb4ffb8
- SHA1
  
  ed5ae96da0f0a2a7f5ec6bd76de124b494f6f09f
- SHA256
  
  e2e7bb79269c7b3367b4ea7f96587a9bfc501d88b446181d13070788ba9bf543
- SHA512
  
  e7f34108476bd26e45aa88574e69922ddb5a83b6149a69b513b8321f739bae330665f737bd5702d4a16878eed86903e641535ed86f47c5d3f9818e933c4f8d44
Score

7^/10

spyware
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2