General

  • Target

    SF21345PD.jar

  • Size

    177KB

  • Sample

    220127-ryk55aecfr

  • MD5

    8335c4671d46780c660f2ded7f54f215

  • SHA1

    cc793fdb8c9836dc42d05d80f1cbfb1446cc1b05

  • SHA256

    848158bc414859b4e7f45f39c716c2c7ed314d1fbdef864562cfef8e82b9a070

  • SHA512

    3bca320237f61208a97303e3460add0b543f00bc43a0e5f697d496299790d1d5a68735f918dca13671716fcc51e519fd22f6cf090c67713a02d017192dd3970e

Targets

    • Target

      SF21345PD.jar

    • STRRAT

      STRRAT is a remote access tool that can steal credentials and log keystrokes.

    • Drops startup file

    • Loads dropped DLL

    • Adds Run key to start application