General

  • Target

    Payment.Telex-pdf2.jar

  • Size

    316KB

  • Sample

    241014-wrvs7sydra

  • MD5

    fced21ecda2fc3f2f643e9f6bf051ec0

  • SHA1

    26fd205a76f77227b4b4349faa39af1aff0521ab

  • SHA256

    0c10cc3d71089b66a0f5de22c6ebdba38d259ff11e3e06b2e75a47057bb39695

  • SHA512

    f285e1a10b59dce420325f8a77c69a2464951ecee4c0a4d6f0a9465f7b9c6adc878ed870091f3e1b31002c32b47c3cac7ab4bca66165dc286f37ff0772ed7df9

  • SSDEEP

    6144:37sgXtMbe6aAscrO9vOgudC4KrdBa68/ONpqm4TYWqzMvkMeZYu8:3wt0AscS9vjwT0BhLNpqJTG4sMFu8

Malware Config

Targets

    • Target

      Payment.Telex-pdf2.jar

    • Size

      316KB

    • MD5

      fced21ecda2fc3f2f643e9f6bf051ec0

    • SHA1

      26fd205a76f77227b4b4349faa39af1aff0521ab

    • SHA256

      0c10cc3d71089b66a0f5de22c6ebdba38d259ff11e3e06b2e75a47057bb39695

    • SHA512

      f285e1a10b59dce420325f8a77c69a2464951ecee4c0a4d6f0a9465f7b9c6adc878ed870091f3e1b31002c32b47c3cac7ab4bca66165dc286f37ff0772ed7df9

    • SSDEEP

      6144:37sgXtMbe6aAscrO9vOgudC4KrdBa68/ONpqm4TYWqzMvkMeZYu8:3wt0AscS9vjwT0BhLNpqJTG4sMFu8

    • STRRAT

      STRRAT is a remote access tool than can steal credentials and log keystrokes.

    • Drops startup file

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks