General
-
Target
PO24022022DXB.jar
-
Size
107KB
-
Sample
220224-npfbqschf5
-
MD5
1b01cec3551142b050e6aed82018db21
-
SHA1
0283c9ac0db969702fca3a24ec352359888c00c1
-
SHA256
1d3219b6ccc538b8cbecb13eb9c23ce00a6ed315a2a7fecb9b791e9cd1888bd8
-
SHA512
0fedbfc093ef4c17c89e7ddcd0438a3fe217dbbb86eed2745c7d65bc60edeec398cf5e71b86bdba6ecec675350620432d28bf0c4177ffa9e44e6ddf23610794c
Static task
static1
Behavioral task
behavioral1
Sample
PO24022022DXB.jar
Resource
win7-20220223-en
Behavioral task
behavioral2
Sample
PO24022022DXB.jar
Resource
win10v2004-en-20220112
Malware Config
Targets
-
-
Target
PO24022022DXB.jar
-
Size
107KB
-
MD5
1b01cec3551142b050e6aed82018db21
-
SHA1
0283c9ac0db969702fca3a24ec352359888c00c1
-
SHA256
1d3219b6ccc538b8cbecb13eb9c23ce00a6ed315a2a7fecb9b791e9cd1888bd8
-
SHA512
0fedbfc093ef4c17c89e7ddcd0438a3fe217dbbb86eed2745c7d65bc60edeec398cf5e71b86bdba6ecec675350620432d28bf0c4177ffa9e44e6ddf23610794c
Score10/10-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-