General
-
Target
5709dc35796f2a91483860820770e74dead9f01eaf2433832016fdacd2eed209.js
-
Size
453KB
-
Sample
240927-bn8knsxgjk
-
MD5
f04f4fb3190c6cd423a4d84cf521cf65
-
SHA1
9d11423067f7e004d14a3803b3fe2ee046ab3dfd
-
SHA256
5709dc35796f2a91483860820770e74dead9f01eaf2433832016fdacd2eed209
-
SHA512
6bf28689632f5c7f8a19e03e3d2efd7af34f6d6d73f8f78c4b5ae97f7af051e85cbaac40640334cfe089337aa0c5388a11ad4e7a71e98841ea67585c710c1162
-
SSDEEP
12288:woWNEiYoNEy3ND5k6XrhqncWkhLPDS430IR:w4SR5xbWkhLN30s
Malware Config
Targets
-
-
Target
5709dc35796f2a91483860820770e74dead9f01eaf2433832016fdacd2eed209.js
-
Size
453KB
-
MD5
f04f4fb3190c6cd423a4d84cf521cf65
-
SHA1
9d11423067f7e004d14a3803b3fe2ee046ab3dfd
-
SHA256
5709dc35796f2a91483860820770e74dead9f01eaf2433832016fdacd2eed209
-
SHA512
6bf28689632f5c7f8a19e03e3d2efd7af34f6d6d73f8f78c4b5ae97f7af051e85cbaac40640334cfe089337aa0c5388a11ad4e7a71e98841ea67585c710c1162
-
SSDEEP
12288:woWNEiYoNEy3ND5k6XrhqncWkhLPDS430IR:w4SR5xbWkhLN30s
Score10/10-
STRRAT
STRRAT is a remote access tool than can steal credentials and log keystrokes.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Execution
Command and Scripting Interpreter
1JavaScript
1Scheduled Task/Job
1Scheduled Task
1Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Scheduled Task/Job
1Scheduled Task
1