General

  • Target

    PaymentAdvicejarjarjarjar.jar

  • Size

    70KB

  • Sample

    230709-j8b17scc7s

  • MD5

    233289b050dbef1acab4575d172f4108

  • SHA1

    ca1d2bb3798673e394d3989c883ca6cae4f398cc

  • SHA256

    80af6e8d6151329f83f063fe1162c41642af8d7b60808bbb1019ba2bccb29ebc

  • SHA512

    d30c33ed3f0465cb0fcd3726455452cdd8dc11eb385556a516b4a1457236f0cbdc9dfb05d775aa673eba2051ef26b1fb81a0a4ce270cdae6c6a92db958280bd1

  • SSDEEP

    1536:njqelPbqK719+4YZuU/4SDK/3wAmQ0PtmOtaQVsTw//:n3lPeI19VYswD0qQ0FmcbsS/

Targets

    • Target

      PaymentAdvicejarjarjarjar.jar

    • STRRAT

      STRRAT is a remote access tool that can steal credentials and log keystrokes.

    • Drops startup file

    • Adds Run key to start application
