General

  • Target

    1C24TYY_00001201.pdf.jar

  • Size

    400KB

  • Sample

    240716-1zgnrsvgjd

  • MD5

    85ee6b284937350785d315ee74e1027d

  • SHA1

    2f7983a3b6400799f334e464923178020d1577e7

  • SHA256

    9f396dbcac9551ef1319e43ace32c0f71f808dd91c13193c1ac06f1acc1aaaf3

  • SHA512

    b8ade32ca7406803ce3ba18846b418749e1f8718844d01ad33d2b383722214afa9710327a41a855bd978d8ef67210b9fd33a61b08ba3b6e4a14c4d88b7300747

  • SSDEEP

    12288:A8a0HTP5TMssDFIwv7i3XWaDcwrP9iNIs:ABQTP5FIeH5P9QV

Malware Config

Targets

    • Target

      1C24TYY_00001201.pdf.jar

    • STRRAT

      STRRAT is a remote access tool that can steal credentials and log keystrokes.

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks