General

  • Target

    nPedido-de-cotizacion.jar

  • Size

    70KB

  • Sample

    230704-n8lb4acd35

  • MD5

    f320885909e68bd534fb190dd36b8d17

  • SHA1

    3e1996517744351c580728a8ff9ca18bd9bc579c

  • SHA256

    087a4ea357c6298a1f9c86740171113d0aeacd8b6a0abe0d9652dff80accf432

  • SHA512

    8bd32377e904b6e82ccfcbe4e16657035457271bf120703fc4b1e55979f8ee476b8f7d10f8603d9d5f4deecd2eacb79af9e67e5e06b7ae40de1beddf07129ee3

  • SSDEEP

    1536:7ZIxQKcSF6BFNY4pfn4vMO8NammIyxELSxcczhmLY0PtrjI:tqQiFiY4JyM6syxQihTOrjI

Malware Config

Targets

    • Target

      nPedido-de-cotizacion.jar

    • STRRAT

      STRRAT is a remote access tool that can steal credentials and log keystrokes.

    • Drops startup file

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks