General
-
Target
42b99bbf0961d2c5a4dfeeea07f85733eed2ce2f5571904453ae56c4e6e90c7f.jar
-
Size
400KB
-
Sample
240821-bw2gbstcqd
-
MD5
f6b06af9e65718cfa313431a653f4663
-
SHA1
b4ee8f08a515201ad692c2252f8259611ae245a3
-
SHA256
42b99bbf0961d2c5a4dfeeea07f85733eed2ce2f5571904453ae56c4e6e90c7f
-
SHA512
989f546273b1ed0beabb85de886c0edf24f95f605a1c33c0457e900af4f86100b27398dc94a2fdc5b99c5075755d13a75e3535c6912350efaaf6d1077ce21a63
-
SSDEEP
12288:WXN+HTi58brPDRsjv7L35TCjcjNP9iNau:WdaTi5SCnpnP9Qx
Static task
static1
Behavioral task
behavioral1
Sample
42b99bbf0961d2c5a4dfeeea07f85733eed2ce2f5571904453ae56c4e6e90c7f.jar
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
42b99bbf0961d2c5a4dfeeea07f85733eed2ce2f5571904453ae56c4e6e90c7f.jar
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
42b99bbf0961d2c5a4dfeeea07f85733eed2ce2f5571904453ae56c4e6e90c7f.jar
-
Size
400KB
-
MD5
f6b06af9e65718cfa313431a653f4663
-
SHA1
b4ee8f08a515201ad692c2252f8259611ae245a3
-
SHA256
42b99bbf0961d2c5a4dfeeea07f85733eed2ce2f5571904453ae56c4e6e90c7f
-
SHA512
989f546273b1ed0beabb85de886c0edf24f95f605a1c33c0457e900af4f86100b27398dc94a2fdc5b99c5075755d13a75e3535c6912350efaaf6d1077ce21a63
-
SSDEEP
12288:WXN+HTi58brPDRsjv7L35TCjcjNP9iNau:WdaTi5SCnpnP9Qx
Score10/10-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Scheduled Task/Job
1Scheduled Task
1