General
-
Target
Enquiry_06-162023.img
-
Size
1.2MB
-
Sample
230616-mg2dkaee27
-
MD5
0fe380592f9947989b2ffeeab2fbd17a
-
SHA1
8457cb303fd5fae8b78b9bda550c5e9b10289f03
-
SHA256
39a48245cc13aec054c2b91204149f20e194e6158fdfc18519acc5decb50148a
-
SHA512
e934dcd9272fe9e7f4f668f554651491862b1edfaf4feaae2a26de2fbec75d9a59cf3ff5da1c30f285897ddbe1a03b484bfef2998ef27718481f0ca493a2d806
-
SSDEEP
6144:TdRPN78WXHNZ7OX2cg5znzn2Ma922gt4QYtQ90Y22ss:TTVAWXH7Q45PnrcXgt1v
Static task
static1
Behavioral task
behavioral1
Sample
ENQUIRY_.jar
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
ENQUIRY_.jar
Resource
win10v2004-20230220-en
Malware Config
Targets
-
Target
ENQUIRY_.JAR
-
Size
218KB
-
MD5
291f150f24c698b1732279a1e7bd4be4
-
SHA1
bb69a861d63f556350868d4a6a3e6b224cc619db
-
SHA256
a2e2a352b0b93c5ccf734c14ba0367af8b8c980a1ed7622208c62229888afe82
-
SHA512
c80c2a7f1d7623f7d75b1400eb0f8bbeea68b043499f23831ee783f00b39cf7e252b09c8f5b01b5b6efc55812911cd1c54e16261078cafe33586e984d8e2f550
-
SSDEEP
6144:tdRPN78WXHNZ7OX2cg5znzn2Ma922gt4QYtQ90Y22ssw:tTVAWXH7Q45PnrcXgt1vk
Score
10/10
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-