General
Target: FedEx AWB # 187320605737.jar
Size: 79KB
Sample: 201027-6c3jq3svvs
MD5: 235a86c4929c5e3de83e6855370d6eb4
SHA1: fc9e5d5dbef91d126b019a484d21ffc032e9c573
SHA256: 2c5607a8d1a2c9baf69ebfd4b285519d453e397bda7f0b63fca3e1e2c4748e9c
SHA512: f6283ba5d77c4750cb66f510ac1a73108e10fabc0f11a96916c584099c544ca03b57ade2cc047ab80c57f8ad6fdce65cedfd50751a125a104562b2b9dd73d178
Static task: static1
Behavioral task: behavioral1
Sample: FedEx AWB # 187320605737.jar
Resource: win7
Behavioral task: behavioral2
Sample: FedEx AWB # 187320605737.jar
Resource: win10
Malware Config
Targets
Target: FedEx AWB # 187320605737.jar
Score: 10/10
Executes dropped EXE
Adds Run key to start application
JavaScript code in executable
Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.