General

  • Target

    2abfed09bc56ccecb1c01b8a9f68ab7a7a53ea1d6a3a1a598a3914d8a71e4187.jar

  • Size

    546KB

  • Sample

    240607-bsdk4afb51

  • MD5

    363e51d5d985e8ed4784429b8af87790

  • SHA1

    8172cac68e512641e7e2347bbec9613cfb10389d

  • SHA256

    2abfed09bc56ccecb1c01b8a9f68ab7a7a53ea1d6a3a1a598a3914d8a71e4187

  • SHA512

    1a298144036564511683468e65612b37e6f5b0fc475babaa73cb07c5d4f984cb1d21571b86b3e0b8d7319224e964d3b8a744927560dd69d8fffa89e5c7c5953f

  • SSDEEP

    6144:gmnhGkb/R8Jgn3l7v7ja8qRIXKdANNJ4D1EpDR9d+uOphJqxAQhoys4LV:gmEuJ8ul7v7ja8q8tNH429x+QTV

Malware Config

Targets

    • Target

      2abfed09bc56ccecb1c01b8a9f68ab7a7a53ea1d6a3a1a598a3914d8a71e4187.jar

    • Size

      546KB

    • MD5

      363e51d5d985e8ed4784429b8af87790

    • SHA1

      8172cac68e512641e7e2347bbec9613cfb10389d

    • SHA256

      2abfed09bc56ccecb1c01b8a9f68ab7a7a53ea1d6a3a1a598a3914d8a71e4187

    • SHA512

      1a298144036564511683468e65612b37e6f5b0fc475babaa73cb07c5d4f984cb1d21571b86b3e0b8d7319224e964d3b8a744927560dd69d8fffa89e5c7c5953f

    • SSDEEP

      6144:gmnhGkb/R8Jgn3l7v7ja8qRIXKdANNJ4D1EpDR9d+uOphJqxAQhoys4LV:gmEuJ8ul7v7ja8q8tNH429x+QTV

    • STRRAT

      STRRAT is a remote access tool than can steal credentials and log keystrokes.

    • Drops startup file

    • Loads dropped DLL

    • Modifies file permissions

    • Adds Run key to start application

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks