General
Target
dhlpaket.jar
Size
289KB
Sample
201015-6856ah4zre
MD5
b15cdc291a5e4a8535c3eb7c14eae8dc
SHA1
1a4070204cabeb1fe552ce0d83017dd416fc1ef5
SHA256
fc893170ac17a117486c0cb8e3f0733840f5e964d4134abf74c3d801df40f75a
SHA512
274429ccfc2d977a9d013ac788880bdb80fd3320f623042a671a2186ecc62ffb19ddcb8e452d7f1dff5a1bc66ffc4111129869ec01783bf4701a3bc5dbee000b
Static task
static1
Behavioral task
behavioral1
Sample
dhlpaket.jar
Resource
win7
Behavioral task
behavioral2
Sample
dhlpaket.jar
Resource
win10v200722
Malware Config
Targets
Target
dhlpaket.jar
Score
10/10
Executes dropped EXE
Loads dropped DLL
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
Adds Run key to start application
JavaScript code in executable
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.