General
-
Target
PWS03072023jar.jar
-
Size
217KB
-
Sample
230704-qj2znafa2x
-
MD5
817001b7c56a856da5512272253036a3
-
SHA1
b9a0833356d243a39ffa24ed518a352af990fde7
-
SHA256
ebf6a422c84687d38362e1f65511ad246c1cd457dddeb66ec361f180ef6da395
-
SHA512
9bb4376ce7114cb610ed3a0582bd68a517d971d9ecd1432b69c84fac6957333cad71205fd1816d3ff49b3d0abdc98a89e71114d81bdce9d543e658817776b8d4
-
SSDEEP
6144:7jvUZMsTuDIhFCu4DmAwb3xSoaaZaAt4Xd:7YZuDsFCu4DuBUaZHaXd
Static task
static1
Behavioral task
behavioral1
Sample
PWS03072023jar.jar
Resource
win7-20230703-en
Behavioral task
behavioral2
Sample
PWS03072023jar.jar
Resource
win10v2004-20230703-en
Malware Config
Targets
-
-
Target
PWS03072023jar.jar
-
Size
217KB
-
MD5
817001b7c56a856da5512272253036a3
-
SHA1
b9a0833356d243a39ffa24ed518a352af990fde7
-
SHA256
ebf6a422c84687d38362e1f65511ad246c1cd457dddeb66ec361f180ef6da395
-
SHA512
9bb4376ce7114cb610ed3a0582bd68a517d971d9ecd1432b69c84fac6957333cad71205fd1816d3ff49b3d0abdc98a89e71114d81bdce9d543e658817776b8d4
-
SSDEEP
6144:7jvUZMsTuDIhFCu4DmAwb3xSoaaZaAt4Xd:7YZuDsFCu4DuBUaZHaXd
Score10/10-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-