General
Target: SBS RFQ 00926800230609_pdf (93kb).jar
Size: 219KB
Sample: 230609-ptf99scb34
MD5: a25fa173093bf047bb4e789b79bfaa63
SHA1: 99f8196992e7652569efb8dff2ce3505c730cba0
SHA256: 028376d3fd8b3dabf7f41eb68cdddd5e04054792ce328cf7ef5e320ccf32ab1f
SHA512: 814a6da7bc94a8e196f84e59e431458713e2cb9141eb6d6f09117173846414a1bcd057ddabe53c795feeffe326f99e63730657f55efdcc9eedecd6fcb3071c6f
SSDEEP: 6144:lIXAs8OwnBa8vAL82E6v4LglHQIpHEuUT7PJ4CKUjdH:ukOwnrvkDWLgfUnPl
Static task: static1
Behavioral task: behavioral1
Sample: SBS RFQ 00926800230609_pdf (93kb).jar
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: SBS RFQ 00926800230609_pdf (93kb).jar
Resource: win10v2004-20230220-en
Malware Config
Targets
Target: SBS RFQ 00926800230609_pdf (93kb).jar
Score: 10/10
Drops startup file
Loads dropped DLL
Adds Run key to start application
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.