General
Target: DHL Notification DHL_AWB_0011179303 ETD.jar
Size: 249KB
Sample: 201016-m54qy4xnxj
MD5: 51dc82e81caca8221a80c68aabf06596
SHA1: 0e0e7c82b36f7240d7677bf2c12d8750d22e5542
SHA256: c7e2b03baae34026d8993fd56a55511a7d8ec99e784aba042d5e89fd404f7d98
SHA512: cfd75246ad15c7260a373ff6b781e31c599064dbb40ee1c77be5a32deb2c46c80b7b52476c71c31cf205ce4c07697e11a90afe6b26c6d06d87392a1e489b7dde
Static task: static1
Behavioral task: behavioral1
  Sample: DHL Notification DHL_AWB_0011179303 ETD.jar
  Resource: win7
Behavioral task: behavioral2
  Sample: DHL Notification DHL_AWB_0011179303 ETD.jar
  Resource: win10v200722
Malware Config
Targets
Target: DHL Notification DHL_AWB_0011179303 ETD.jar
Score: 10/10
Executes dropped EXE
Loads dropped DLL
Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
Adds Run key to start application
JavaScript code in executable
Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.