General
Target
Purchase order.jar
Size
71KB
Sample
201026-q56rbgwdgx
MD5
15112dee9a2350e3e990c697cffe3be1
SHA1
b581c744c734f8d78d1b63db9c423bab23ebefae
SHA256
5824541971e764fb1c2b95f1020172f53430728078551021b6e37148d3532098
SHA512
e86e9c57a86e6634e9c4f3ec352f79a4f1af6c4ed90334a4eecd5a8418b7bab8b17c8555f53b9c82c610101dc437ce0213020410c20e61ff62955b10ae4dd433
Static task
static1
Behavioral task
behavioral1
Sample
Purchase order.jar
Resource
win7
Behavioral task
behavioral2
Sample
Purchase order.jar
Resource
win10
Malware Config
Targets
Target
Purchase order.jar
Score
10/10
Executes dropped EXE
Adds Run key to start application
JavaScript code in executable
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.