General
Target: 009876554332.zip
Size: 85KB
Sample: 211122-w72axsgfbm
MD5: b4208ac9e4cfc7015f4618c9d9df4edc
SHA1: a0cb578e7db5bf553c99951c82b9a921df0bf6f6
SHA256: 54b4dead916a51533e8f798fb8587dee95d2f08714994d1c74e4e7bf40e45084
SHA512: 533fc6ccf9e1af89bc223e92e29e045a756851af4bfff9999e08abb2642bcd2967921ff1eb17246d0b07c9a8f2eb7553b78881b3736d08186d1a5d8abba8a082
Static task: static1
Behavioral task: behavioral1
  Sample: 009876554332.jar
  Resource: win7-en-20211104
Behavioral task: behavioral2
  Sample: 009876554332.jar
  Resource: win10-en-20211014
Malware Config
Targets
Target: 009876554332.jar
Size: 91KB
MD5: 546d61d1b55ea6e8bea9a97dc0ad72df
SHA1: 069b5b553be4162be3f7cb7af453498f35b7c655
SHA256: 47f93726c4bd0ead6287c0c9b86ae41809ded39837e7d3e2f6b108ea7bd28fe0
SHA512: d91c51954770c81db64c8fae42b841faa0ead86e1b5a4f6b3a5de390d795d569b1d8d1eecc51c2a0f356e91c8286441bde08b1178080ef8f99e22ba20cb7642e
Score: 10/10
Drops startup file
Loads dropped DLL
Adds Run key to start application
Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.