General

  • Target

    PAYMENT SLIP .jar

  • Size

    184KB

  • Sample

    211019-rezt6sfhg8

  • MD5

    98f7c08f8008f97e210bfc4d00dbe4a1

  • SHA1

    30f02ead4606acf7ffb8a9b3a1f2423475c3ff2e

  • SHA256

    62229e0f4da3175320dff7b4783a373c6ede87d20ca8caff6b21a3674610509c

  • SHA512

    3cc83e48aa36129876fef5b734efdc7aa35197b36fcc66840c4605dadab5b61159269a71e33425bb1c2f3bda2ae0f49666dca619fb399a10f7dd647c7cb94564

Malware Config

Targets

    • STRRAT

      STRRAT is a remote access tool that can steal credentials and log keystrokes.

    • Drops startup file

    • Loads dropped DLL

    • Adds Run key to start application

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v6

Tasks
