639ee6e0d9338cb339c804d48e759e20be2a9f6fe09a74c8531e1373e239a644 | Triage

Sharing

General

Target

DHL Notification.jar
Size

100KB
Sample

210504-w2rcqzyqb2
MD5

0917fbd208a8645f6baf6d5aadd62ed0
SHA1

00cb52652623edec170cca21a2fac207af1d66a4
SHA256

639ee6e0d9338cb339c804d48e759e20be2a9f6fe09a74c8531e1373e239a644
SHA512

2cc7d67a1cc6b36e215585bd85b98ae83fdf743c19df7e42ecd6a7f2b73335cef8890742dfc478399245374434730471ff3e7d6d85d7e6008733ad7dbfbef188

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  DHL Notification.jar
- Size
  
  100KB
- MD5
  
  0917fbd208a8645f6baf6d5aadd62ed0
- SHA1
  
  00cb52652623edec170cca21a2fac207af1d66a4
- SHA256
  
  639ee6e0d9338cb339c804d48e759e20be2a9f6fe09a74c8531e1373e239a644
- SHA512
  
  2cc7d67a1cc6b36e215585bd85b98ae83fdf743c19df7e42ecd6a7f2b73335cef8890742dfc478399245374434730471ff3e7d6d85d7e6008733ad7dbfbef188
Score

7^/10

persistence
- Drops startup file
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2