General
Target
Remittance Advice from Prespa Consultancy Pty Ltd.jar
Size
76KB
Sample
201123-v871ekew1s
MD5
00fbaeac41cb0a4dbc032fd8593e5ae7
SHA1
4749439b523248dabe38e0236fe4dcb77ae55c24
SHA256
d0276ecaa9b9c49b3b1d53d5a6fd47288a33e626d6255a476c624d86dccf2fad
SHA512
9e6fc3e8b5cf6a31b90c624d4c47240aed90e613c508640855585033a83ca3e8b4b5b67bc469a049652968da02fa5f7390f9c1f3e828dfc26c8ea7b5ee98fc89
Static task
static1
Behavioral task
behavioral1
Sample
Remittance Advice from Prespa Consultancy Pty Ltd.jar
Resource
win7v20201028
Behavioral task
behavioral2
Sample
Remittance Advice from Prespa Consultancy Pty Ltd.jar
Resource
win10v20201028
Malware Config
Targets
Target
Remittance Advice from Prespa Consultancy Pty Ltd.jar
Score
10/10
Executes dropped EXE
Adds Run key to start application
JavaScript code in executable
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.