General
Target
c3b27ba76af8fec666012c88a8c7a72a428315d8d475b7cf8a4e2e2b6e8b20cf.jar
Size
400KB
Sample
240822-mw29eawapm
MD5
247581cc28bdbd4d432669ca5d588163
SHA1
da0fb4d2b9659436cdad587689a26600aa52fe20
SHA256
c3b27ba76af8fec666012c88a8c7a72a428315d8d475b7cf8a4e2e2b6e8b20cf
SHA512
68281c5c48f0333943d24ad9d1e54196dbe809d43e3f9a170ee22cfc7b51350be001f7a68285e33752684ca00568419442c6bc05994f78e56bb32338e2f024e8
SSDEEP
12288:QQeEHTT5f4YEDBA8v7m3zaWLckXP9iN43:QJgTT59ISjFP9Qu
Static task
static1
Behavioral task
behavioral1
Sample
c3b27ba76af8fec666012c88a8c7a72a428315d8d475b7cf8a4e2e2b6e8b20cf.jar
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
c3b27ba76af8fec666012c88a8c7a72a428315d8d475b7cf8a4e2e2b6e8b20cf.jar
Resource
win10v2004-20240802-en
Malware Config
Targets
Target
c3b27ba76af8fec666012c88a8c7a72a428315d8d475b7cf8a4e2e2b6e8b20cf.jar
Score
10/10
Drops startup file
Loads dropped DLL
Adds Run key to start application
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Scheduled Task/Job: 1
Scheduled Task: 1