General

  • Target

    RFQ_PO#63765GMD_87.jar

  • Size

    400KB

  • Sample

    240719-mbdejszapf

  • MD5

    ce4645dab452e5963df010f56b0c4966

  • SHA1

    9a5ff6e5ceb23239674c33b96ef8c88ce5ce4852

  • SHA256

    5d7324050d7c666402cfc29f6f76bb56585a81ad546a2c1a1c0f17dca958af96

  • SHA512

    5b1897d3e125349d0f93e6544d9b79dfc34a41086169ad715df479ef2fcc2fbf5e380c2744ef989153d6bc94fd90c9cb44e39e4baba353ff7251bdbf4e727645

  • SSDEEP

    12288:aNTuHT05KNddDpAhv7V3FVy/cB5P9iNyn:aFKT05ACR1nP9Q6

Targets

    • Target

      RFQ_PO#63765GMD_87.jar

    • STRRAT

      STRRAT is a remote access tool that can steal credentials and log keystrokes.

    • Loads dropped DLL

    • Adds Run key to start application
