General

  • Target

    24.02.22_11.07_Telefax.unbekannt.jar

  • Size

    161KB

  • Sample

    220224-kg12pacdc9

  • MD5

    6db8b2bc470191fed3efd4937f1be0ba

  • SHA1

    d051d2771e38e57334e06f41823bfc76818025cf

  • SHA256

    7aabe909ac93d7930bc1195f092cd2f0fb7ca8dbbb543e4a3d442f6bb13121a0

  • SHA512

    a3c2e0e6184c8676429437b16e295bcc3394a1fcbb727ebafbef5b94fc68624d080e1cfc5047765d7d5a0eb18096be5472d17f9797724a1e7a65ef52f1dc7a6e

Targets

    • STRRAT

      STRRAT is a remote access tool that can steal credentials and log keystrokes.

    • Drops startup file

    • Loads dropped DLL

    • Adds Run key to start application
