General

  • Target

    HBL No. SKLZ212352--ORIGINAL.jar

  • Size

    119KB

  • Sample

    220224-y8sraadfb9

  • MD5

    e628dfc38bc08de88d9cddd977187a98

  • SHA1

    0e9bc853226d52161a64cd13e200023aa51584ad

  • SHA256

    8efa0e193fb08adf90ba95c2e7f2de6453c3276cd8ae154c4af117a48a668ef3

  • SHA512

    8e13422a58496c3648b23cb86966cd89e1eacc0b8422d36337301ac18f1019c387e210ce22e003521425722aa5814bfe18e9b818808b703f1233fdea6b03d01f

Targets

    • Target

      HBL No. SKLZ212352--ORIGINAL.jar

    • STRRAT

      STRRAT is a remote access tool that can steal credentials and log keystrokes.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Loads dropped DLL

    • Adds Run key to start application
