General

  • Target

    838feba9c3f59776a04d380c1f94f7d93a84e8256ce07d94482528d373470667.zip

  • Size

    452KB

  • Sample

    240607-j4eljadb2v

  • MD5

    188614b72a3baaf3f018157d12223538

  • SHA1

    f9d7a5a4f743c4d22f6563436761912dacba2a90

  • SHA256

    838feba9c3f59776a04d380c1f94f7d93a84e8256ce07d94482528d373470667

  • SHA512

    988445b15fc4b3a9fe28a15c859becaaf3692ec76399e17618e9d1382d73f85549130801210b82e41b76c779bc4ea2bc94c4fafe6a462510d4a0ccc75945e8c8

  • SSDEEP

    12288:CU9r+Wu+x8qH/M10nJQpGrodvkg3/MhGQt3j0dWT:X+Wu+KqfkY6Kodvx3/MhGQtzms

Malware Config

Targets

    • Target

      838feba9c3f59776a04d380c1f94f7d93a84e8256ce07d94482528d373470667.zip

    • Size

      452KB

    • MD5

      188614b72a3baaf3f018157d12223538

    • SHA1

      f9d7a5a4f743c4d22f6563436761912dacba2a90

    • SHA256

      838feba9c3f59776a04d380c1f94f7d93a84e8256ce07d94482528d373470667

    • SHA512

      988445b15fc4b3a9fe28a15c859becaaf3692ec76399e17618e9d1382d73f85549130801210b82e41b76c779bc4ea2bc94c4fafe6a462510d4a0ccc75945e8c8

    • SSDEEP

      12288:CU9r+Wu+x8qH/M10nJQpGrodvkg3/MhGQt3j0dWT:X+Wu+KqfkY6Kodvx3/MhGQtzms

    • STRRAT

      STRRAT is a remote access tool than can steal credentials and log keystrokes.

    • Drops startup file

    • Loads dropped DLL

    • Modifies file permissions

    • Adds Run key to start application

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks