General
Target: Purchase order.jar
Size: 85KB
Sample: 201105-1zgk74sfra
MD5: 204d0b9b7198ed31f81e004ed4c02445
SHA1: 166a748ac03503cc764d3a8d8b67a891339bc85f
SHA256: 6a772f09e9c6e88ea2999212c40ce98d5d310907c00971d4f1f9ba55c5e83131
SHA512: 8a50084d5d2e492e03851c40b7fcf1f857825db476d4dbddd48187bf2babbc0ae247584183bee4de0a2fa6e77a4b86ee4327d0a4624b320e06a345420c39b3fc
Static task: static1
Behavioral task: behavioral1
  Sample: Purchase order.jar
  Resource: win7v20201028
Behavioral task: behavioral2
  Sample: Purchase order.jar
  Resource: win10v20201028
Malware Config
Targets
Target: Purchase order.jar
Score: 10/10
Executes dropped EXE
Adds Run key to start application
JavaScript code in executable
Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.