General
-
Target
order list.jar
-
Size
11KB
-
Sample
200630-39neazl3j6
-
MD5
cca082e8a7c4da3e81a0b203732e4f7f
-
SHA1
cc1a61f0196dc922ef1fe50ba529ab20369d8043
-
SHA256
fc850eff405c60ca3073e736fcd65482b67f41ab197526485789957ae5a06c23
-
SHA512
849e664318547a4d99daf1d31dfb27432cfb85d03349d99ae734dd9c68672196f0943469171aed15ffc83b26269d86dbe840a18622c2924890a325247ae679ec
Static task
static1
Behavioral task
behavioral1
Sample
order list.jar
Resource
win7v200430
Behavioral task
behavioral2
Sample
order list.jar
Resource
win10
Malware Config
Targets
-
-
Target
order list.jar
Score
8/10
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run entry to start application
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-