General
-
Target
shipment docs.zip
-
Size
198KB
-
Sample
230328-kmbc8abf8s
-
MD5
542624cbb918d3e68332605b3875463d
-
SHA1
3ce54bac9daa0a657f41ba63978cc29dd0f5f63f
-
SHA256
0c2907fab86a121782be17d2bd2af6a1e02a9d8b276f928eb740ca8c38b09e7a
-
SHA512
659e982ff88dad05e5d8eaa4b83556d9e254d195e89f843ce3b1f4b612d7d1e6e78c8c78ecce33e20be74eb8b42c22a7fe58760ce3928c9e99a262bbc88cf5b4
-
SSDEEP
6144:7H4GyyPoGaOiEsSgP2Bsw+Skw9ylUg+cwwu51lKL:zT9oGa/EsHX/SkayBZwwmuL
Static task
static1
Behavioral task
behavioral1
Sample
shipment docs.jar
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
shipment docs.jar
Resource
win10v2004-20230220-en
Malware Config
Targets
-
-
Target
shipment docs.jar
-
Size
205KB
-
MD5
25cf0ecdc304d46909899c5a9b243568
-
SHA1
99465760f952aab0bf4c82b1951d55a73d890811
-
SHA256
2462ed49206ac07461831cbbf0217f4cacf5ef58a0d5870e2852f679bdec94d9
-
SHA512
446d5f1e390114cec9ab9b842c0213fc768f8cf79a556db0dd746e8cd8bd53d3d32517d7fa52939f9c63bf49a79ac2d235e16a3f9f61f6d3802c6cde114cfefb
-
SSDEEP
6144:J7A2/A8N7hFfAAi6JoWo74fpaNJ+nl8J0b:iwVXfLfoWo70wN2X
Score
10/10
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-