cd34dde6d4f4c55c88ac93ca16e191203741be092d9c1f342587520a3720d70a | Triage

Sharing

General

Target

jar-infection-scanner.zip
Size

466KB
Sample

230613-w6sx6aad24
MD5

2ffb1317fc911138a039b17cd3973893
SHA1

15fdea37e5bc6ee94d1734d9dbbfdf6388e2696a
SHA256

cd34dde6d4f4c55c88ac93ca16e191203741be092d9c1f342587520a3720d70a
SHA512

a674ba81a59ac0b5bdd71c404946fa4deeb5943808acf3b261a5261f07c3b413d956916743d431c53450a63d66f30baff6c0ea4f2363c3369bc8fc0a6b7fba0d
SSDEEP

12288:6Gdup9JNq9SJb+Zm58SNs0M2XRSUZjgmvdJu+Haa:JkLE4V+Zm58Is0M2XEcgmFTJ

Score

5^/10

microsoft phishing

Malware Config

Targets

- Target
  
  jar-infection-scanner/ICSharpCode.SharpZipLib.dll
- Size
  
  256KB
- MD5
  
  e85f771d3d7af873c067be25cb145384
- SHA1
  
  b23124e9b52d366eb57bd68f8af431946f765542
- SHA256
  
  53668fb2c9a19d420aed4150004b26ff0b4be611bf2e0b8e22dd8f08155cf185
- SHA512
  
  2b799c5bedb735111e40720c0f5faeb0a9a56413507f994eb0f9d50b9733c25987f3669b1d19198dece027bb7cd486524cd00c44cb97f35204cd9a916f575607
- SSDEEP
  
  6144:KXvJj49GIq1a+L0g9FWz1SSA2ltaccym865IVV:249GI2a+1FWZH+cww
Score

1^/10
behavioral1 behavioral2 behavioral3
- Target
  
  jar-infection-scanner/JarInfectionScanner.exe
- Size
  
  25KB
- MD5
  
  f953be311c44ef80366ec2acf8e2afdc
- SHA1
  
  215bc84d8d6d93b47e4c164d5eb9a65290f9a557
- SHA256
  
  94fbc2ed1a96f78ef82c8b452c2c445cb9d882eec2a8cdbe637595452e9e6980
- SHA512
  
  7a1be2551dfc0f3f82f3990607df12f6b796cd6ce16b53eb79e469bd5efc4b9bed674a5c16ff8ce65fb185264689d8471d5232ef8049e59f72b2581168926531
- SSDEEP
  
  384:asSxezDbi7bmT1xwjvdBmd5UEGLQP5fGfIYiPWsav8JN77hh3wJI8S:asSSSKRxdAGUgYiPz3hRwXS
Score

5^/10

microsoft phishing
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral4 behavioral5 behavioral6
- Target
  
  jar-infection-scanner/Microsoft.WindowsAPICodePack.Shell.dll
- Size
  
  537KB
- MD5
  
  81dbbfa7e56e5d332957f216ee6e1b0e
- SHA1
  
  fcb925e8e9dd45510e7c2eda14b3d31cd4f15806
- SHA256
  
  fbc545911ebcd1776a927932b65f04bb7f7231cb33ee8708d252d4a3e92e5356
- SHA512
  
  664f0b300353b6696640f9818cd946568f581e7a8dbf8e48b241733f5051b485a0486b52c87cf4448ddb851805fd8ca5f507bad09dcea172e0bef2fd441941ac
- SSDEEP
  
  6144:GRAFnp++R1yj124hKX97kANqQHlWBwn9dgPan1W86b8c3v6n9c6KwZErn+LYHtA3:GApI2D97kANVFWBwn9iPIL9Mwh
Score

1^/10
behavioral7 behavioral8 behavioral9
- Target
  
  jar-infection-scanner/Microsoft.WindowsAPICodePack.dll
- Size
  
  110KB
- MD5
  
  14ea0eba7ecbf6d784ece6837969f0c8
- SHA1
  
  9f47c4704b8092e4f92716c4e77d261691c83120
- SHA256
  
  a9587381da42718ed28d1cd213d560d4ca3ba85011f81d4845b6b0ed644424fb
- SHA512
  
  d1f66e3d45f17f42b4cf8cec2d17934bfe54e60113230bc317e1c32f03da1a9f3902d21e53915d9970f0bebad94250c7b42fb5dfce8bbc1c85a823ec481502c5
- SSDEEP
  
  3072:iBPJ2fTauHhiiWPCeOMt0ImL6HKgqYR1FliQFno+9:iUpWPCeBHxZWQ
Score

1^/10
behavioral10 behavioral11 behavioral12
- Target
  
  jar-infection-scanner/System.Buffers.dll
- Size
  
  20KB
- MD5
  
  ecdfe8ede869d2ccc6bf99981ea96400
- SHA1
  
  2f410a0396bc148ed533ad49b6415fb58dd4d641
- SHA256
  
  accccfbe45d9f08ffeed9916e37b33e98c65be012cfff6e7fa7b67210ce1fefb
- SHA512
  
  5fc7fee5c25cb2eee19737068968e00a00961c257271b420f594e5a0da0559502d04ee6ba2d8d2aad77f3769622f6743a5ee8dae23f8f993f33fb09ed8db2741
- SSDEEP
  
  384:/rMdp9yXOfPfAxR5zwWvYW8a2cyHRN7vCvlbLg:/rMcXP6N6e
Score

1^/10
behavioral13 behavioral14 behavioral15
- Target
  
  jar-infection-scanner/System.Memory.dll
- Size
  
  137KB
- MD5
  
  6fb95a357a3f7e88ade5c1629e2801f8
- SHA1
  
  19bf79600b716523b5317b9a7b68760ae5d55741
- SHA256
  
  8e76318e8b06692abf7dab1169d27d15557f7f0a34d36af6463eff0fe21213c7
- SHA512
  
  293d8c709bc68d2c980a0df423741ce06d05ff757077e63986d34cb6459f9623a024d12ef35a280f50d3d516d98abe193213b9ca71bfde2a9fe8753b1a6de2f0
- SSDEEP
  
  3072:IUGrszKKLBFa9DvrJGeesIf3afNs2AldfI:jBFd3/aFs2
Score

1^/10
behavioral16 behavioral17 behavioral18
- Target
  
  jar-infection-scanner/System.Numerics.Vectors.dll
- Size
  
  113KB
- MD5
  
  aaa2cbf14e06e9d3586d8a4ed455db33
- SHA1
  
  3d216458740ad5cb05bc5f7c3491cde44a1e5df0
- SHA256
  
  1d3ef8698281e7cf7371d1554afef5872b39f96c26da772210a33da041ba1183
- SHA512
  
  0b14a039ca67982794a2bb69974ef04a7fbee3686d7364f8f4db70ea6259d29640cbb83d5b544d92fa1d3676c7619cd580ff45671a2bb4753ed8b383597c6da8
- SSDEEP
  
  1536:nPOw0SUUKw+GbgjMV+fCY1UiiGZ6qetMXIAMZ2zstK/hV+sUwS:nWw0SUUKBM8aOUiiGw7qa9tK/bJS
Score

1^/10
behavioral19 behavioral20 behavioral21
- Target
  
  jar-infection-scanner/System.Runtime.CompilerServices.Unsafe.dll
- Size
  
  16KB
- MD5
  
  da04a75ddc22118ed24e0b53e474805a
- SHA1
  
  2d68c648a6a6371b6046e6c3af09128230e0ad32
- SHA256
  
  66409f670315afe8610f17a4d3a1ee52d72b6a46c544cec97544e8385f90ad74
- SHA512
  
  26af01ca25e921465f477a0e1499edc9e0ac26c23908e5e9b97d3afd60f3308bfbf2c8ca89ea21878454cd88a1cddd2f2f0172a6e1e87ef33c56cd7a8d16e9c8
- SSDEEP
  
  192:LGLxTyHvc4ROgcxAdWXYWJeaPtWsI9A9GaHnhWgN7aJeWw0fnCsqnajt:LgGLROZAdWXYW8aPcyHRN7WEqn1lx
Score

1^/10
behavioral22 behavioral23 behavioral24
- Target
  
  jar-infection-scanner/System.Threading.Tasks.Extensions.dll
- Size
  
  32KB
- MD5
  
  0f384afcf671483188b9019d3b7457a7
- SHA1
  
  79a73a170ba0596d8e84a432dd2caa2faf831bee
- SHA256
  
  2c9cad6410e37e44fa73cccb576f418184f1ae5a0a257e165a136bdaa941a0c6
- SHA512
  
  713dfea9fcad5dd6924c3fdeb0d279d104c85df5c12b2ca125868fa71a6f2db14f098473233902d5783d8276369d6f9903ab4c096fc88daee10a84cba418090f
- SSDEEP
  
  384:KR9PEIXHrMzTGaBb05Mlw065eUGef8x72tdGanWsJWXGtF0GftpBjOzc4HRN7cJ5:KRFRXAvGSYSbBE+c+iwzBc+Kl
Score

1^/10
behavioral25 behavioral26 behavioral27

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

microsoftphishing

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27