General
-
Target
34a653c2523056e055c378285398f72d_JaffaCakes118
-
Size
183KB
-
Sample
241011-n2c25s1bjg
-
MD5
34a653c2523056e055c378285398f72d
-
SHA1
d9813cda6da576f77d09ae3665f2c0c5dd37fef1
-
SHA256
93b8b4b95575fbaeadf2548f59bfe6e9f7a540eb02a75ce575ee7662bfb6ca52
-
SHA512
5737c3567a5675fbec43f2dcde75bb9f920dcee03aeb02b5bbb74074b80b41b266807fb8b6a1036dfbf42b96d61ae817fbf73f7cc1fb923378c2349f35d065b0
-
SSDEEP
3072:o9pZV7cIa1MmOQe+rABEBj+6fXB+Tcu01xI8xE9Ye+eLvLusOTi1N253:o9PVD+OyrABEBjFBpRjeJKEN253
Malware Config
Targets
-
-
Target
34a653c2523056e055c378285398f72d_JaffaCakes118
-
Size
183KB
-
MD5
34a653c2523056e055c378285398f72d
-
SHA1
d9813cda6da576f77d09ae3665f2c0c5dd37fef1
-
SHA256
93b8b4b95575fbaeadf2548f59bfe6e9f7a540eb02a75ce575ee7662bfb6ca52
-
SHA512
5737c3567a5675fbec43f2dcde75bb9f920dcee03aeb02b5bbb74074b80b41b266807fb8b6a1036dfbf42b96d61ae817fbf73f7cc1fb923378c2349f35d065b0
-
SSDEEP
3072:o9pZV7cIa1MmOQe+rABEBj+6fXB+Tcu01xI8xE9Ye+eLvLusOTi1N253:o9PVD+OyrABEBjFBpRjeJKEN253
Score10/10-
STRRAT
STRRAT is a remote access tool than can steal credentials and log keystrokes.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Execution
Command and Scripting Interpreter
1JavaScript
1Scheduled Task/Job
1Scheduled Task
1Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Scheduled Task/Job
1Scheduled Task
1