General
Target: DHL ARRIVAL.jar
Size: 285KB
Sample: 201014-m8mmbg6gyx
MD5: 75f5ce2ae0099fc1afb790db6e1db016
SHA1: f4f3d192a30507f90bc2d4091f6a1f260752175a
SHA256: 7fe0e93c12ac33399712246614159aec3f10e132dd54dff5a8185cb91089c428
SHA512: d8fe87b03cc5bfbd688f7b06b5405c04f42f86ff3940aa954bd957018909d21fd40f3003c8d5f7c0899fea88e03acebfca6cb991b240d2b829f021cafea01678
Static task: static1
Behavioral task: behavioral1
Sample: DHL ARRIVAL.jar
Resource: win7v200722
Behavioral task: behavioral2
Sample: DHL ARRIVAL.jar
Resource: win10
Malware Config
Targets
Target: DHL ARRIVAL.jar
Score: 10/10
Executes dropped EXE
Adds Run key to start application
JavaScript code in executable
Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.