General
-
Target
3PU004731 MPR D2000 WK 24 BERNULY SUPPLY CO LTD.jar
-
Size
217KB
-
Sample
230619-t7tvqsfb22
-
MD5
aab0e96ae1075cead7040e56c7e907e9
-
SHA1
7405ecaaacea052c97a5d8b06a86bc7ac0c855fa
-
SHA256
9abdb3f20f276e4ad06483b19ce8f6c0a29e6f0802da7436a06e6651ba3f7490
-
SHA512
4133dc91f36968872f39677cfb5de901ed1137875dbc0cdd76d7facf51219a1f501889e2e0453a74f74d6282a53e14ef1b8224c44adafb20c7449a0547f192e3
-
SSDEEP
6144:j/ZqtyAW+u8cX2qQUaC01ZDuwcMGLMg5TBwW:jUtjM8cX2qmTP8M6B/
Static task
static1
Behavioral task
behavioral1
Sample
3PU004731 MPR D2000 WK 24 BERNULY SUPPLY CO LTD.jar
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
3PU004731 MPR D2000 WK 24 BERNULY SUPPLY CO LTD.jar
Resource
win10v2004-20230220-en
Malware Config
Targets
-
-
Target
3PU004731 MPR D2000 WK 24 BERNULY SUPPLY CO LTD.jar
-
Score
10/10
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-