General
-
Target
Overdue invoice-960494.jar
-
Size
99KB
-
Sample
210607-kbd2pp8zrn
-
MD5
057ee447c12c0c2f3ce7c51f9579dbce
-
SHA1
a24554b8a24786895a2e1d76f42751f46b5fbef9
-
SHA256
71ed2714927d82bc3660dc53b132a843a65fa1f68e0d892ce7c40905772d8dcb
-
SHA512
27d602531da88b9be73bba28afdbaa246e17ee0f218fa340cc8ac356afd17d973953b91dfc2d8085e19f02dd339bba39a3e0885ff30370b6150999e80ac593ce
Static task
static1
Behavioral task
behavioral1
Sample
Overdue invoice-960494.jar
Resource
win7v20210408
Behavioral task
behavioral2
Sample
Overdue invoice-960494.jar
Resource
win10v20210408
Malware Config
Targets
-
-
Target
Overdue invoice-960494.jar
Score
10/10
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-