Description
Trojan/stealer written in Node.js and spread via a Java downloader.
DHL_Nov 2020 at 1.85_8BZ290_PDF.jar
71KB
201127-etklnp6jga
f204d9f0175eb6a66a0e312d63477680
e161a465e339be0ec43ba30ee7b0c25a9b40dc0e
d529003a6e1708637cc07277bfbef218db0dcaec7eed84b28567910f439297ee
7d0c8c20539affd05bc5ee7de1cdc4cb65e2127b7972418c686677d7b4d12e34803446f73bce0406fdeeea6ab72c9fabee5aeb81985bce1502aabaa9d531c227
Uses a legitimate IP lookup service to find the infected system's external IP.