General

  • Target

    Final Payment Invoice.jar

  • Size

    218KB

  • Sample

    230619-1ebxsagd82

  • MD5

    c1db46240a7a82f6f7d36e8c66b6158e

  • SHA1

    d5ecc30c52e8f1bb9a88f0bcf9910ec73d1f7979

  • SHA256

    74e4b425d0d1ad36e8c3fdbd874857e4ba9bd6e3721e3cffe83947e353446ee3

  • SHA512

    e48cd967189441d1b4132490aa9fd46e5ce089c1931773d415bf7609a9b4afb595eaf458d99e1f2f23b004a23669ce8818e8a7f4ccd287fd700cfe54785167cb

  • SSDEEP

    3072:E5RrQ3m9lTKMZYJWBn+wjS6qC2UeourJ1PP+mkZE67tqlTA5h3CDEPdrKi4WcC0A:eRSMKMKwBTDqCSzH+mYol+vr+Wp04TwA

Targets

    • STRRAT

      STRRAT is a remote access tool that can steal credentials and log keystrokes.

    • Drops startup file

    • Loads dropped DLL

    • Adds Run key to start application

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
