General

  • Target

    4b4e19a710126290196df49a092686fb

  • Size

    101KB

  • Sample

    220224-qgpasadad2

  • MD5

    4b4e19a710126290196df49a092686fb

  • SHA1

    288ba3994ed5fedb3b9d3e19a267bef073f02ba9

  • SHA256

    a36323cc7633934af9b10f0c56841e483bb886836ca94fc52ce37ca3f0cfd190

  • SHA512

    2c517796eba7a302c1a38f6c382496c55cf10f5ee7d5b72ca1ea7c4c512aca81285fe774007a8b8465a67ea859d7b7564e29208e067e8cbc773ca9c0140ad579

Malware Config

Targets

    • Target

      PO24022022DXB.jar

    • Size

      107KB

    • MD5

      1b01cec3551142b050e6aed82018db21

    • SHA1

      0283c9ac0db969702fca3a24ec352359888c00c1

    • SHA256

      1d3219b6ccc538b8cbecb13eb9c23ce00a6ed315a2a7fecb9b791e9cd1888bd8

    • SHA512

      0fedbfc093ef4c17c89e7ddcd0438a3fe217dbbb86eed2745c7d65bc60edeec398cf5e71b86bdba6ecec675350620432d28bf0c4177ffa9e44e6ddf23610794c

    • STRRAT

      STRRAT is a remote access tool that can steal credentials and log keystrokes.

    • Drops startup file

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks