General

  • Target

    d46ced619302d537e07481dfe8a1e7e1.bin

  • Size

    211KB

  • Sample

    230629-cdpv9acf4t

  • MD5

    04c304ceeefc516cee19322f6e252547

  • SHA1

    15ca2f50e8efb5e9b0f833c373ba77cf2e72bb93

  • SHA256

    79325b550d8d499c64eb0ebefb98fd3f22201b4784a739d79ecd73ebaae8c45a

  • SHA512

    9e5c5fb0065455e5fca4d83a43a29ef8618d5370b19437fa109be430c532d1f7fc24f7dd38007cd0c11e0b92d25acef18215fdf3a9dee5db4063a7d50c6d089a

  • SSDEEP

    6144:zlw3/CAxPSmBbNRJQNMd3MFC/H7GJvObrVV0vZ/HVrJIgECNS3e:G36+T+NI8FCf762brzwx2l27

Targets

    • Target

      4e0f0e48af90b53ca2f5bfe07730901ca963655051f5fd4fba455933bc9a72ec.jar

    • Size

      218KB

    • MD5

      d46ced619302d537e07481dfe8a1e7e1

    • SHA1

      135311ed819821a8a5043a0141c192e7b121a459

    • SHA256

      4e0f0e48af90b53ca2f5bfe07730901ca963655051f5fd4fba455933bc9a72ec

    • SHA512

      e4a35e5868ab5d267165375093a929ed02fc00b1fa6d9ef6e922c2992347363727b4c3ec935cf0562a600bbb5d571033e1e849ed5c12fc87915e2c2f0e605911

    • SSDEEP

      6144:UgYgkGYzGvr/s2tpIg5+YagSKH2KDUsI9:UgYWQEIgoYtSQ2Kgx9

    • STRRAT

      STRRAT is a remote access tool that can steal credentials and log keystrokes.

    • Drops startup file

    • Loads dropped DLL

    • Adds Run key to start application

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
