Overview

overview

10

Static

static

10

PO881620-2024.jar

windows7-x64

1

PO881620-2024.jar

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    PO881620-2024.jar

  • Size

    203KB

  • Sample

    240613-28414aycql

  • MD5

    ef8d2de4e2983dddfe12759ba4626d20

  • SHA1

    e3ce248bdcd07b23e94ce832062cf717a83334a8

  • SHA256

    8fc554384f269993bde053de9811902c44135fb99e1944c5047afea9aac6ea40

  • SHA512

    6d956b3e536fb7227c7bcb9d2beeaac9e64fae4c60e32b95772201d0c68b962936104fba7b57ef57e82c02d193b8200539a55e69ec95a4f7d1fcfee331203280

  • SSDEEP

    3072:yVeoCg5sL1zElp9IsdQffd3qrNMVMYBJk4ubY+tqtPwzrLQBAWfTy3KNY:8L61z29/dHpMVMYBqN0JIzr0qWfTxY

Score
10/10
strratdiscoverypersistencestealertrojan

Malware Config

Targets

    • Target

      PO881620-2024.jar

    • Size

      203KB

    • MD5

      ef8d2de4e2983dddfe12759ba4626d20

    • SHA1

      e3ce248bdcd07b23e94ce832062cf717a83334a8

    • SHA256

      8fc554384f269993bde053de9811902c44135fb99e1944c5047afea9aac6ea40

    • SHA512

      6d956b3e536fb7227c7bcb9d2beeaac9e64fae4c60e32b95772201d0c68b962936104fba7b57ef57e82c02d193b8200539a55e69ec95a4f7d1fcfee331203280

    • SSDEEP

      3072:yVeoCg5sL1zElp9IsdQffd3qrNMVMYBJk4ubY+tqtPwzrLQBAWfTy3KNY:8L61z29/dHpMVMYBqN0JIzr0qWfTxY

    Score
    10/10
    strratdiscoverypersistencestealertrojan

    • STRRAT

      STRRAT is a remote access tool than can steal credentials and log keystrokes.

      trojanstealerstrrat

    • Drops startup file

    • Loads dropped DLL

    • Modifies file permissions

      discovery

    • Adds Run key to start application

      persistence

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks