General
Target: DHL_109401211_AWB09100903_12012900.jar
Size: 70KB
Sample: 201019-7tdr14c19s
MD5: 5b63a9bcee6e5f189d25cf270b579d05
SHA1: b3e0e86aff8fb3b156ebb53fc11153ae6c5d388b
SHA256: bffaedde078cf79c57bef9992503d088d21ea51957558a63e510b973c1e6f5fb
SHA512: c088674ff3c470cfa3ca86ac8bb4c8aa873434a98f2de4a35ec9afa63ce88f2cf0726dd54f9b143cd3b686bceb784e933d35f8636fb800ae946890f7ee96693f
Static task: static1
Behavioral task: behavioral1
  Sample: DHL_109401211_AWB09100903_12012900.jar
  Resource: win7v200722
Behavioral task: behavioral2
  Sample: DHL_109401211_AWB09100903_12012900.jar
  Resource: win10
Malware Config
Targets
Target: DHL_109401211_AWB09100903_12012900.jar
Score: 10/10
- Executes dropped EXE
- Adds Run key to start application
- JavaScript code in executable
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.