General
Target: eec8d2a36caf6e46308dd647eab802a7aa3926ec93835f68bba2143194dc49d6
Size: 216KB
Sample: 240511-jkp8xsgh77
MD5: 3cdf6de2490eeb68aaafd02b9e980aa5
SHA1: 8c30590b9b8ab3bd80dcd40e5bdd9eabb5e89b0c
SHA256: eec8d2a36caf6e46308dd647eab802a7aa3926ec93835f68bba2143194dc49d6
SHA512: a4ab73992dde42533c2e056fdbc2ae675db3d90386d77a4bc4ce2cba27e49a9eec9778df2a1941851e5035d49ac2038074bd49d2767529d75f2056c8110e7831
SSDEEP: 6144:Qbf8/CORFXGqpoPXaXSFcjfcc7MXZKlBo:K6CGGXPqCuosuZKlBo

Static task: static1
Behavioral task: behavioral1
Sample: 50138aa6c36152d659a239c8877faa875d18152fa56c63fada3fc8a69d0719bf.jar
Resource: win7-20240220-en

Malware Config

Targets
Target: 50138aa6c36152d659a239c8877faa875d18152fa56c63fada3fc8a69d0719bf.jar
Size: 216KB
MD5: d553f70a48745ac7fd556cfa45efbc9c
SHA1: f4fb627758fb70518a2fb6a89be2ff3ea40241f8
SHA256: 50138aa6c36152d659a239c8877faa875d18152fa56c63fada3fc8a69d0719bf
SHA512: 7e6aceae21bd99063d870e61dcbe39c6f19adfa4268bf91734953119a6a78428d6c1e3f44d40c56ed0cfae2df023ea8a60b09ed2acf48bc722dcd7a2d82933c2
SSDEEP: 6144:8qnzpwCDhLMFZOo5WK9+TkfFNkW00canghqSiqnXrrzGFA:XzpQZFkgtNwJkgMYXrB

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Drops startup file

Loads dropped DLL

Modifies file permissions

Adds Run key to start application

Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.