General
Target: Purchase LOI.jar
Size: 168KB
Sample: 210705-5asdfgllaj
MD5: 3851a4834bf578596d81688b49476834
SHA1: 4c130bca45c0791d387ff6a02455e76f050b254b
SHA256: bf8ee3c8ac5e570987fb535ee8c47c19ccbf400193610fa34cb31ddd48a81cd0
SHA512: bba38ca9c0453435dba3ea45f506fd18e05a2107f778bad8d8ffdd5977493dc172f4c6d1ed2ddb67fa803374a34bf5eed5c041992f1d2758b0f59d4994b3a96f
Static task: static1
Behavioral task: behavioral1
Sample: Purchase LOI.jar
Resource: win7v20210408
Behavioral task: behavioral2
Sample: Purchase LOI.jar
Resource: win10v20210410
Malware Config
Targets
Target: Purchase LOI.jar
Score: 10/10
Drops startup file
Loads dropped DLL
Adds Run key to start application
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.