General
Target: 194291014-215139-sanlccjavap0003-1.jar
Size: 161KB
Sample: 220222-jmjtxsecc7
MD5: ef9f5b4a6c33c916bc9ef517e5545ed4
SHA1: 4d4a56dc34e6938002f6867a96cb2c5143a8ec68
SHA256: 7ccc38e2616bfb5aef446213a4cab27cffd99e91ba1e035857344a8d5c9454b3
SHA512: efb74971ad08e37638c3466209b4b4003f392b9cf73b9111ae340ad2756f9bdf447e8cf65c064c3d80c0b167f81b4b57c330c43bd49b9b261b101b80b44d1546
Static task: static1
Behavioral task: behavioral1
Sample: 194291014-215139-sanlccjavap0003-1.jar
Resource: win7-en-20211208
Behavioral task: behavioral2
Sample: 194291014-215139-sanlccjavap0003-1.jar
Resource: win10v2004-en-20220112
Malware Config
Targets
Target: 194291014-215139-sanlccjavap0003-1.jar
Score: 10/10
Drops startup file
Loads dropped DLL
Adds Run key to start application
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.