General

  • Target

    c3b27ba76af8fec666012c88a8c7a72a428315d8d475b7cf8a4e2e2b6e8b20cf.zip

  • Size

    394KB

  • Sample

    241004-szpqdawdnb

  • MD5

    432492dee2b91d739a571bd2776eddea

  • SHA1

    3d59ae27243b77075490bc980187b10f6e3de4e0

  • SHA256

    48bfa7ab47285a56c1c46e0d53e1a5a8bf1cfd0dbfc4070d3a1e645dc680337b

  • SHA512

    4d56116e69070a834fe272df2665dbf22e8496e26368bb47855f4716111f9529706b7b2dfc22077654a65b91e49e0201c00e082a0b831fb7e5d12949ea69bfa5

  • SSDEEP

    6144:USdXdB2h5iJSoFVXBeXOeo0CUwMuD+0aAAFjhalKsLlDO6BdN3355IWdprx:Hv2hM30XOeo0H1uQA4jiKsJD1n55hx

Malware Config

Targets

    • Target

      c3b27ba76af8fec666012c88a8c7a72a428315d8d475b7cf8a4e2e2b6e8b20cf.jar

    • Size

      400KB

    • MD5

      247581cc28bdbd4d432669ca5d588163

    • SHA1

      da0fb4d2b9659436cdad587689a26600aa52fe20

    • SHA256

      c3b27ba76af8fec666012c88a8c7a72a428315d8d475b7cf8a4e2e2b6e8b20cf

    • SHA512

      68281c5c48f0333943d24ad9d1e54196dbe809d43e3f9a170ee22cfc7b51350be001f7a68285e33752684ca00568419442c6bc05994f78e56bb32338e2f024e8

    • SSDEEP

      12288:QQeEHTT5f4YEDBA8v7m3zaWLckXP9iN43:QJgTT59ISjFP9Qu

    • STRRAT

      STRRAT is a remote access tool than can steal credentials and log keystrokes.

    • Drops startup file

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks