Overview

overview

10

Static

static

10

HSBCPAYMEN...ON.jar

windows7-x64

3

HSBCPAYMEN...ON.jar

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    HSBCPAYMENTINFORMATION.jar

  • Size

    323KB

  • Sample

    240422-wpqfpsed3v

  • MD5

    8bc5d958958ecbd730d7dda1944df217

  • SHA1

    ba085c5a31c068fc091e5bcdb1053a3361fcab3a

  • SHA256

    af81551ceb897d30262d1e026c726cca1c557432ef3941517d52ba0c729ee390

  • SHA512

    0e5756f0ad4f4ac9d7b6f58457544c070f10bc4f47f24d0d46180bdf4d29de4d3cdba25030acf9aad4c2fe91bbd06d1696bf5fbd17f6911b74256a947036e374

  • SSDEEP

    6144:ONxOYNczJ2hrMeMS37wnjKqIbYUaQ5EpI11qvzA8E2or7JxDia+cdicoJc9X:0QYczJWYo7weqIbP/5EW11qP4r7JxDy4

Score
10/10
adwinddiscovery

Malware Config

Targets

    • Target

      HSBCPAYMENTINFORMATION.jar

    • Size

      323KB

    • MD5

      8bc5d958958ecbd730d7dda1944df217

    • SHA1

      ba085c5a31c068fc091e5bcdb1053a3361fcab3a

    • SHA256

      af81551ceb897d30262d1e026c726cca1c557432ef3941517d52ba0c729ee390

    • SHA512

      0e5756f0ad4f4ac9d7b6f58457544c070f10bc4f47f24d0d46180bdf4d29de4d3cdba25030acf9aad4c2fe91bbd06d1696bf5fbd17f6911b74256a947036e374

    • SSDEEP

      6144:ONxOYNczJ2hrMeMS37wnjKqIbYUaQ5EpI11qvzA8E2or7JxDia+cdicoJc9X:0QYczJWYo7weqIbP/5EW11qP4r7JxDy4

    Score
    7/10
    discovery

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Modifies file permissions

      discovery
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

1
T1222

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks