General
Target: Shipping documents.jar
Size: 74KB
Sample: 201022-fd6sfvd43s
MD5: aca734eeac3a00205e7a64800b05cb95
SHA1: e09deace896a082517204f46ae3bddfc2f3f46c1
SHA256: 726902ed1aab6fe2e7632d70bfba8fe89efc025bc76c7f63c8cbc2f73dea193e
SHA512: 2966c44e70c9e0b2864112db107dd7194537ec71b654f173eff559a3ee4e03ecfd6ca5207a95a4cb3e8606197ab84fe12835d60c1e536a69370a103072f6f4c1
Static task: static1
Behavioral task: behavioral1 (Sample: Shipping documents.jar, Resource: win7)
Behavioral task: behavioral2 (Sample: Shipping documents.jar, Resource: win10)
Malware Config
Targets
Target: Shipping documents.jar
Score: 10/10
Executes dropped EXE
Adds Run key to start application
JavaScript code in executable
Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.