General
Target: DHL Parcel.jar
Size: 78KB
Sample: 201020-vavtf7fxdj
MD5: 7233aef533abb4b196eb92c5b55203c9
SHA1: bf34d18a78b5011ee331cb08fc88e7fbfb3fafff
SHA256: 8ba26665fcdc0fd1f35e78fe0d1503c9d3f9719da1eee2e69d5738af0f89567f
SHA512: 991965eaef6741be35e0f8a69c9d1854be8f48c0f4ef561e4c6d3bc34e8741b3719cc8411fef6adcb64cbb393a41a021dfb93ce383f2787fe85b0a922f82d7a8
Static task: static1
Behavioral task: behavioral1
  Sample: DHL Parcel.jar
  Resource: win7
Behavioral task: behavioral2
  Sample: DHL Parcel.jar
  Resource: win10v200722
Malware Config
Targets
Target: DHL Parcel.jar
Score: 10/10
- Executes dropped EXE
- Adds Run key to start application
- JavaScript code in executable
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.