General

  • Target

    7dbd3729dd6c23e0329158520fa3cfcd3d78126f901aacad8a249a2166638fcc.jar

  • Size

    400KB

  • Sample

    240730-wj5cns1epk

  • MD5

    4a0b95e278f0a59bcff16500edc25568

  • SHA1

    35bf164377b6cdb43551935404452283cf7e7b97

  • SHA256

    7dbd3729dd6c23e0329158520fa3cfcd3d78126f901aacad8a249a2166638fcc

  • SHA512

    b4ff765f14a1f4df43292b11ad03496f14affad5f918b2a2f36922c542ccda8e6eb000d418d7503aa5cfcd6b2c811a0995f9e63577a9ba5a168d9127b1a69e15

  • SSDEEP

    12288:GzZWHT+5Y3PDDh8Hv733p3KTcHVP9iNyom:GNST+5uabZHP9Qpm

Malware Config

Targets

    • Target

      7dbd3729dd6c23e0329158520fa3cfcd3d78126f901aacad8a249a2166638fcc.jar

    • STRRAT

      STRRAT is a remote access tool that can steal credentials and log keystrokes.

    • Drops startup file

    • Loads dropped DLL

    • Adds Run key to start application

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks