General

  • Target

    9b9099ea755e24ed749632ab2202124d2eab9d754080ab95feee69dde9f14621.jar

  • Size

    452KB

  • Sample

    240531-bvhmtsba69

  • MD5

    b3cd6750e977a5855ee1e026b52404cd

  • SHA1

    4204168ebbd729f3758e82fb3b32c658c83edf16

  • SHA256

    9b9099ea755e24ed749632ab2202124d2eab9d754080ab95feee69dde9f14621

  • SHA512

    a2c1e19111e48184dc7d4f3690f539780147a0acadb9378dc5fae51ecc429c15c0e4cc4ba18ac8e355b5fd96c7853fe6c3baaa38a483d99573f0833439a74806

  • SSDEEP

    12288:SUfrIkI0H+cH/MZwn7QvGroVpG2hLMhwQXZnuBit:5IkI0ecf8cmKoVphhLMhwQXJUq

Malware Config

Targets

    • Target

      9b9099ea755e24ed749632ab2202124d2eab9d754080ab95feee69dde9f14621.jar

    • Size

      452KB

    • MD5

      b3cd6750e977a5855ee1e026b52404cd

    • SHA1

      4204168ebbd729f3758e82fb3b32c658c83edf16

    • SHA256

      9b9099ea755e24ed749632ab2202124d2eab9d754080ab95feee69dde9f14621

    • SHA512

      a2c1e19111e48184dc7d4f3690f539780147a0acadb9378dc5fae51ecc429c15c0e4cc4ba18ac8e355b5fd96c7853fe6c3baaa38a483d99573f0833439a74806

    • SSDEEP

      12288:SUfrIkI0H+cH/MZwn7QvGroVpG2hLMhwQXZnuBit:5IkI0ecf8cmKoVphhLMhwQXJUq

    • STRRAT

      STRRAT is a remote access tool than can steal credentials and log keystrokes.

    • Drops startup file

    • Loads dropped DLL

    • Modifies file permissions

    • Adds Run key to start application

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks