Overview

overview

10

Static

static

10

48f6788ba8...2a.jar

windows7-x64

3

48f6788ba8...2a.jar

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    48f6788ba8e0405098152cd2417e68fdb87bfc41665ead3883f1b0d67fec202a.jar

  • Size

    124KB

  • Sample

    240525-bkh6lshc4y

  • MD5

    7bf4527b293b0c3f6cc8859886d6c9d8

  • SHA1

    75183471ffca124e8ead875329cc6fcd6492e2c8

  • SHA256

    48f6788ba8e0405098152cd2417e68fdb87bfc41665ead3883f1b0d67fec202a

  • SHA512

    d25e0c208cd4959779fa90d0a686dae65b290ac8062564f40044fa656a8901cddd7f0084544c265c4ccd4978f42c9248184c07801ccdc5b8ddf1d53983515ee8

  • SSDEEP

    1536:m2JqdLhOqhzbqA4LOcKgoWrQj0oU1BlKE6tcj871PSMQeyd8qyLBq8eGk1FOX:qdcW6A4LOc1RQyXQ08ZPAytyOX

Score
10/10
adwindstrratdiscoveryexecutionpersistencestealertrojan

Malware Config

Targets

    • Target

      48f6788ba8e0405098152cd2417e68fdb87bfc41665ead3883f1b0d67fec202a.jar

    • Size

      124KB

    • MD5

      7bf4527b293b0c3f6cc8859886d6c9d8

    • SHA1

      75183471ffca124e8ead875329cc6fcd6492e2c8

    • SHA256

      48f6788ba8e0405098152cd2417e68fdb87bfc41665ead3883f1b0d67fec202a

    • SHA512

      d25e0c208cd4959779fa90d0a686dae65b290ac8062564f40044fa656a8901cddd7f0084544c265c4ccd4978f42c9248184c07801ccdc5b8ddf1d53983515ee8

    • SSDEEP

      1536:m2JqdLhOqhzbqA4LOcKgoWrQj0oU1BlKE6tcj871PSMQeyd8qyLBq8eGk1FOX:qdcW6A4LOc1RQyXQ08ZPAytyOX

    Score
    10/10
    executionstrratdiscoverypersistencestealertrojan

    • STRRAT

      STRRAT is a remote access tool than can steal credentials and log keystrokes.

      trojanstealerstrrat

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Modifies file permissions

      discovery

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks