General
Target: SWIFT MT103 65800 .jar
Size: 74KB
Sample: 201026-nqh4bdrebj
MD5: 1c42b39fa5ff0b4d50d099a5e24c8d1b
SHA1: 8cd53e0dad4fb4d14f9c7961e60c4f22950d4dd2
SHA256: e0d72ff290c85484632f91a9ae7de44f3b72e0f4c77bded1b2026f51c2d22f97
SHA512: 3c2bf03e0351dfcc0d683dd698005d2b0e46d7f34dcb179180c3783a0a831c6372e10d8f50b76352d586fbe057fcd82e4b1eaeb73524751175e484f5f358ca54
Static task: static1
Behavioral task: behavioral1
Sample: SWIFT MT103 65800 .jar
Resource: win7
Behavioral task: behavioral2
Sample: SWIFT MT103 65800 .jar
Resource: win10
Malware Config
Targets
Target: SWIFT MT103 65800 .jar
Score: 10/10
Executes dropped EXE
Adds Run key to start application
JavaScript code in executable
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.