General

  • Target

    decoded.jar

  • Size

    85KB

  • Sample

    220309-wy1b9sbdd6

  • MD5

    2f2b1c6f03c7ec102fddd8f014879eeb

  • SHA1

    f2addbf1a294e1537abd20bcee2ffcd8ea4ef0b9

  • SHA256

    7c7914eabf6a9034e330582cc795e725efa0c8e5cf36a6c9b0b30169db841018

  • SHA512

    27e573af6d5aea9b8b09986befeb40631fd1c3df4c296aabc4c8267bb0ac43c2f53875a51dc3478a0dc305579d761d489d28d545362a61b5e393c506b824af5e

Targets

    • Target

      decoded.jar

    • STRRAT

      STRRAT is a remote access tool that can steal credentials and log keystrokes.

    • Drops startup file

    • Loads dropped DLL

    • Adds Run key to start application
