Overview

overview

10

Static

static

1

2ef5bc7e3e...118.js

windows7-x64

3

2ef5bc7e3e...118.js

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2ef5bc7e3ea077223ddeb130e428140a_JaffaCakes118

  • Size

    183KB

  • Sample

    240709-ethg8axhlh

  • MD5

    2ef5bc7e3ea077223ddeb130e428140a

  • SHA1

    2703976ee122a4f0a618fc69e53aa25a313cee7f

  • SHA256

    66ae152ddc0d2e4ec4836f7ab4d6c1822d3bfe746d34c8fc24f57f15e8e16ec0

  • SHA512

    cd4f2abf643beff86d75fcfbb48cabe1101db98c70720e8a75c60db59e94bc08846eaf4f7dc648277f7225e89ab559830984144e3a8c64894c9585a0149feab3

  • SSDEEP

    3072:aGTydvzf78BsUDnOMPTVjTDVoP9WhePMfa2A5izMAFKMulAXTMvBnPUSD5l:aGI7f7LUbZVjTJuWhePMCts4MRoZ55l

Score
10/10
strratexecutionpersistencestealertrojan

Malware Config

Targets

    • Target

      2ef5bc7e3ea077223ddeb130e428140a_JaffaCakes118

    • Size

      183KB

    • MD5

      2ef5bc7e3ea077223ddeb130e428140a

    • SHA1

      2703976ee122a4f0a618fc69e53aa25a313cee7f

    • SHA256

      66ae152ddc0d2e4ec4836f7ab4d6c1822d3bfe746d34c8fc24f57f15e8e16ec0

    • SHA512

      cd4f2abf643beff86d75fcfbb48cabe1101db98c70720e8a75c60db59e94bc08846eaf4f7dc648277f7225e89ab559830984144e3a8c64894c9585a0149feab3

    • SSDEEP

      3072:aGTydvzf78BsUDnOMPTVjTDVoP9WhePMfa2A5izMAFKMulAXTMvBnPUSD5l:aGI7f7LUbZVjTJuWhePMCts4MRoZ55l

    Score
    10/10
    executionstrratpersistencestealertrojan

    • STRRAT

      STRRAT is a remote access tool than can steal credentials and log keystrokes.

      trojanstealerstrrat

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks