General

  • Target

    0ce4bc04ab2948c0aad1fbd8722443c0001701cb2bfe817758178462e796703d.zip

  • Size

    481KB

  • Sample

    240607-j3valada9x

  • MD5

    6e9639cd58ea60ae5b39ad82e1c098a6

  • SHA1

    f45c83af51e4051f411396fff73bd9c649fc38de

  • SHA256

    0ce4bc04ab2948c0aad1fbd8722443c0001701cb2bfe817758178462e796703d

  • SHA512

    7457aef1601c700f2f6cfa46e092a1cd9f7af2af9919ca488ca2a9d3df0d8f5a1fe071fee558a77dc537834fcb6c0fad82667e466336b3a7f4c36ce52b0ec6a4

  • SSDEEP

    12288:6vlXyKeQSPEVjuJpWFLRb5hOeCr8q1bZqMkKcZ:6tXylSmpgty9qMm

Malware Config

Targets

    • Target

      0ce4bc04ab2948c0aad1fbd8722443c0001701cb2bfe817758178462e796703d.zip

    • Size

      481KB

    • MD5

      6e9639cd58ea60ae5b39ad82e1c098a6

    • SHA1

      f45c83af51e4051f411396fff73bd9c649fc38de

    • SHA256

      0ce4bc04ab2948c0aad1fbd8722443c0001701cb2bfe817758178462e796703d

    • SHA512

      7457aef1601c700f2f6cfa46e092a1cd9f7af2af9919ca488ca2a9d3df0d8f5a1fe071fee558a77dc537834fcb6c0fad82667e466336b3a7f4c36ce52b0ec6a4

    • SSDEEP

      12288:6vlXyKeQSPEVjuJpWFLRb5hOeCr8q1bZqMkKcZ:6tXylSmpgty9qMm

    • STRRAT

      STRRAT is a remote access tool than can steal credentials and log keystrokes.

    • Drops startup file

    • Loads dropped DLL

    • Modifies file permissions

    • Adds Run key to start application

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks