General

  • Target

    Request_For_Quotation.js

  • Size

    182KB

  • Sample

    211206-qgmf7ahaa3

  • MD5

    afbdc17c55ce020dae96ab3ffaf0c432

  • SHA1

    160149389505c797a34c5989a183691ad215adcc

  • SHA256

    138ba8ab63b093c34227d2309aee97032b19563fe69ed1ba018c29bf63ac4345

  • SHA512

    b81e449ae8597ce2b66254a3914d1a2f00017423220d84fb958630490eac1ace0bb51445b01c27182962d8e5a195e5b91763e384ab58eb4518e0d1c0576c7926

Malware Config

Targets

    • Target

      Request_For_Quotation.js

    • STRRAT

      STRRAT is a remote access tool that can steal credentials and log keystrokes.

    • Drops startup file

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks