General

  • Target

    IMG-26112021.jar

  • Size

    95KB

  • Sample

    211126-w3rkxseadk

  • MD5

    73da8c0e5b6b69c2e951c3a941ff2c79

  • SHA1

    006d2f8a475c61d2c8effdedb9d3926d5c687448

  • SHA256

    b9cf076f5b53babe02a51ed0e82b100eb59279d5eaf703cfc6c15312bfca4c0d

  • SHA512

    46604b6f1d1e53124fcf272db6091fdc6863ea7a90f15d8ae08f444ee406ac3fdad04f94acb75e3e9758b584aaf6673a638108b709cf68a192e4be1343dcac1b

Malware Config

Targets

    • STRRAT

      STRRAT is a remote access tool that can steal credentials and log keystrokes.

    • Drops startup file

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks