General

  • Target

    COTIZAR PARA RIMACBXA271SUBARUXV.jar

  • Size

    218KB

  • Sample

    230615-jgzyysfb4t

  • MD5

    e180d2008a5ea0d4324a766dcae90578

  • SHA1

    b04b349c4cd8909243aaf9e36f72861670eb66e0

  • SHA256

    2f401ace404c4a42dd980d8b440ea476f28b6a828e9f469ef2b30fabf384d1b3

  • SHA512

    3c476c8b4dcb21f154b49376b94427d036ca0289d12b19d9f158b9e2dcbe82282a3fcf3706f1c616670b3abc2c27d912bf337a025e915f544d1fb32731fa97f6

  • SSDEEP

    3072:qiBrYM9+hIY7tlpkaziIP58zuuIZ375+E0P3ZMYs2CdUbccsRzLe:74ZhYazMYp9n0fZ94cn

Targets

    • Target

      COTIZAR PARA RIMACBXA271SUBARUXV.jar

    • STRRAT

      STRRAT is a remote access tool that can steal credentials and log keystrokes.

    • Drops startup file

    • Loads dropped DLL

    • Adds Run key to start application

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
