General

  • Target

    b4208ac9e4cfc7015f4618c9d9df4edc

  • Size

    85KB

  • Sample

    211122-zvhvlacaa9

  • MD5

    b4208ac9e4cfc7015f4618c9d9df4edc

  • SHA1

    a0cb578e7db5bf553c99951c82b9a921df0bf6f6

  • SHA256

    54b4dead916a51533e8f798fb8587dee95d2f08714994d1c74e4e7bf40e45084

  • SHA512

    533fc6ccf9e1af89bc223e92e29e045a756851af4bfff9999e08abb2642bcd2967921ff1eb17246d0b07c9a8f2eb7553b78881b3736d08186d1a5d8abba8a082

Malware Config

Targets

    • Target

      009876554332.jar

    • Size

      91KB

    • MD5

      546d61d1b55ea6e8bea9a97dc0ad72df

    • SHA1

      069b5b553be4162be3f7cb7af453498f35b7c655

    • SHA256

      47f93726c4bd0ead6287c0c9b86ae41809ded39837e7d3e2f6b108ea7bd28fe0

    • SHA512

      d91c51954770c81db64c8fae42b841faa0ead86e1b5a4f6b3a5de390d795d569b1d8d1eecc51c2a0f356e91c8286441bde08b1178080ef8f99e22ba20cb7642e

    • STRRAT

      STRRAT is a remote access tool that can steal credentials and log keystrokes.

    • Drops startup file

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks