General
Target: Our New Order Oct 20 2020 at 2.30_PVV440_PDF.jar
Size: 85KB
Sample: 201020-l6wcmdqzrs
MD5: 574cdc3953be5418190dbaca24caa3d1
SHA1: a8d4a7ac39799b8190ceb21ce057edb0c7b201cf
SHA256: 3ddba8c66f62ec8610e6b09f5ae35beef6daa0464c83d4220ce456a3ac392605
SHA512: f90f9a0a0731e5c9b94997ac69824a04d3e8dd87cd1a3781797633160c55928c734fc327be986a1ad0bb3e8356376daa690b2b14f71e1a780365bc6163c5309b
Static task: static1
Behavioral task: behavioral1
Sample: Our New Order Oct 20 2020 at 2.30_PVV440_PDF.jar
Resource: win7
Behavioral task: behavioral2
Sample: Our New Order Oct 20 2020 at 2.30_PVV440_PDF.jar
Resource: win10v200722
Malware Config
Targets
Target: Our New Order Oct 20 2020 at 2.30_PVV440_PDF.jar
Score: 10/10
Executes dropped EXE
Adds Run key to start application
JavaScript code in executable
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.