General
Target: f4267ec696cf9223569ebbb27617e04641eab296a81b919c923a54288342a34c.js
Size: 460KB
Sample: 240509-cqpq1sda7t
MD5: c24358be43368c8197bc1d25f3ba421e
SHA1: b97e6fcbfccedbf673f0126caa24e1665a50dec8
SHA256: f4267ec696cf9223569ebbb27617e04641eab296a81b919c923a54288342a34c
SHA512: 0d2ec59968d8169f7efb6d31551a101460bdbe8bfb8d0ac67e0a0b2841910032fabc9b824a7b7e9bc17317b12df751bf5197085b65f7d229af3a331ac982b8d7
SSDEEP: 6144:Dk5b3RksMXWmzWRqpAOcGB3DRC+xpleNKkJJ2lj7j+viVd7Wbs9HLsT5UQ5TsBzr:kCyROcGVsJH6ljfpTHzzksf
Static task: static1
Behavioral task: behavioral1
Sample: f4267ec696cf9223569ebbb27617e04641eab296a81b919c923a54288342a34c.js
Resource: win7-20240221-en
Malware Config
Targets
Target: f4267ec696cf9223569ebbb27617e04641eab296a81b919c923a54288342a34c.js
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Loads dropped DLL
- Modifies file permissions
- Adds Run key to start application
- Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.