General

  • Target

    53c61d3e434b7b53dd3ef75348efa1f4_JaffaCakes118

  • Size

    120KB

  • Sample

    240717-tp4xzsyckp

  • MD5

    53c61d3e434b7b53dd3ef75348efa1f4

  • SHA1

    29f45cc6c3355526d8d41b49bada82cb2ff80039

  • SHA256

    19d70f989916c257d0c89f5c8424375d3b3f9ba573f1503f5f85d1c69c112a67

  • SHA512

    e35f54d69b18d5f61d3429dc7268a45fbc0e312db74a2d3b380b918794d9329f548df0096f4ada2710ba825f9747d0998038117df8b55577b7eb79eb558f6c91

  • SSDEEP

    3072:QpAg/4NyBQ79he4WOUqoO8QbUfetXk0BHCSeuMEL:QOzaG9YOUqoJQbSgLxCRuM+

Targets

    • STRRAT

      STRRAT is a remote access tool that can steal credentials and log keystrokes.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Adds Run key to start application
