Overview

overview

10

Static

static

Invoice.jar

windows7_x64

10

Invoice.jar

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Invoice.jar

  • Size

    511KB

  • Sample

    200831-jp9v6dgmwe

  • MD5

    7e5b34776de19e8b482564a11d3fb699

  • SHA1

    f66ae725fdb2810fa3dbf2d22bced29541d5c077

  • SHA256

    4ecf27cb1628ff8ccf85facded0efd4dcc31c3fb822a23b04b8f44d2b1a2561d

  • SHA512

    e1c1c7e63041b6aff959024246e84e70119c4d7953e1631f981873c07b6ff3bf6527006b637f11f2b5746c96417c1c6272dcb9ec911073bc1cf8fbde4a1201b8

Score
10/10
qarallaxpersistencetrojan

Malware Config

Targets

    • Target

      Invoice.jar

    • Size

      511KB

    • MD5

      7e5b34776de19e8b482564a11d3fb699

    • SHA1

      f66ae725fdb2810fa3dbf2d22bced29541d5c077

    • SHA256

      4ecf27cb1628ff8ccf85facded0efd4dcc31c3fb822a23b04b8f44d2b1a2561d

    • SHA512

      e1c1c7e63041b6aff959024246e84e70119c4d7953e1631f981873c07b6ff3bf6527006b637f11f2b5746c96417c1c6272dcb9ec911073bc1cf8fbde4a1201b8

    Score
    10/10
    persistencetrojanqarallax

    • QarallaxRAT

      Qarallax is a RAT developed by Quaverse and sold as RaaS (RAT as a Service).

      trojanqarallax

    • Qarallax RAT support DLL

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Drops desktop.ini file(s)

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks