General
-
Target
4f158f6b80d43686c5896e210b06e1dae5b55d8d991c8819880cc1258ef8c952.jar
-
Size
481KB
-
Sample
240611-qy359syene
-
MD5
b01a67bd2a96b8b405d7c5e338032ce0
-
SHA1
6671d94fdebf2e9e5f741f38031ffbb73daa6106
-
SHA256
4f158f6b80d43686c5896e210b06e1dae5b55d8d991c8819880cc1258ef8c952
-
SHA512
68b630997fb1bb5cd06b3db113b9142c2419b42c7345382b9484caff5bb801878c26e1b73f7e4cfc8bf3d4d02ba58050745eef7409f93573ddc504ce218b3776
-
SSDEEP
12288:6Hl72KeQSPEpb6BNiF/Rb5hiqCXo2R3J6UgKc5:6F72l2yNQlK56UM
Static task
static1
Behavioral task
behavioral1
Sample
4f158f6b80d43686c5896e210b06e1dae5b55d8d991c8819880cc1258ef8c952.jar
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
4f158f6b80d43686c5896e210b06e1dae5b55d8d991c8819880cc1258ef8c952.jar
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
4f158f6b80d43686c5896e210b06e1dae5b55d8d991c8819880cc1258ef8c952.jar
-
Drops startup file
-
Loads dropped DLL
-
Modifies file permissions
-
Accesses Microsoft Outlook profiles
-
Adds Run key to start application
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-