General

  • Target

    34565434567654577654.jar

  • Size

    123KB

  • Sample

    220222-mntbjaghbr

  • MD5

    083fd388943aa92533d7b63d7d0bda89

  • SHA1

    48beba363d91e88766c1466036aaffd0d4b7f931

  • SHA256

    595ab2d1b7478b6c6a18fec3698cb131d8115c346b0408c6667aa6561a443c2b

  • SHA512

    cd18d5bcfe310abd9625e509f704cbf105938aed936e442c7f0bf66b200699a6e49ecd5858c550f4f9fa34eb6d25fce75aab344315cbf9ee1d8075d95d909f66

Targets

    • Target

      34565434567654577654.jar

    • STRRAT

      STRRAT is a remote access tool that can steal credentials and log keystrokes.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Loads dropped DLL

    • Adds Run key to start application
