General
Target: DHL.jar
Size: 318KB
Sample: 201012-sl1v7k6nza
MD5: ba3c3a491c1f542ba70b5cba78664c27
SHA1: e3f3836cbd6c20799d5fd847852732ec6bbb64a6
SHA256: f104ffa104dc5c0739ed98c605c0cc32fc148aa40dab5de2916d9b1f864a4654
SHA512: 7d0201320644db94497f6e1d0584a2be985210c205ae63a3ba4aaa7831d778aa5893e608ed96c082e31f4e63173ff626043cf90af93a2a747710366fa6745b50
Static task: static1
Behavioral task: behavioral1
Sample: DHL.jar
Resource: win7v200722
Behavioral task: behavioral2
Sample: DHL.jar
Resource: win10
Malware Config
Targets
Target: DHL.jar
Score: 10/10
Executes dropped EXE
Adds Run key to start application
JavaScript code in executable
Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.