General

  • Target

    Invoice 645505.jar

  • Size

    411KB

  • Sample

    200819-b91fcnetjj

  • MD5

    c155328fa4fc5bcef15471d7b260ced4

  • SHA1

    3ed307dfdd397b93f6a6bb2fa69a8f10904d59cb

  • SHA256

    409a926c8b06ca68686a8061be80b306eb5c7b1b29aa4e7323540f555254caa8

  • SHA512

    e9edce2b9e24578164876323f8678fbd62d5426fac48654a597b9776b97ab3a07232cfbfe3e25d988d9ec46fa7e38e425a3806d711174b5294c6124d5cdc88f7

Malware Config

Targets

    • Modifies Windows Defender Real-time Protection settings

    • QarallaxRAT

      Qarallax is a RAT developed by Quaverse and sold as RaaS (RAT as a Service).

    • Qarallax RAT support DLL

    • Disables Task Manager via registry modification

    • Disables use of System Restore points

    • Sets file execution options in registry

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops desktop.ini file(s)

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks
