General

  • Target

    3992442fd802d8a7fbad4ed1a91bc6e6f2f97a3eaaff7a11f0130117cc250cf9.zip

  • Size

    426KB

  • Sample

    241015-g5mbnazaph

  • MD5

    ff07ef6ad4751a38ab8b9e915e9c13e0

  • SHA1

    16c990145d66011ee30ab4f9cbfb0ff7e092fd89

  • SHA256

    3992442fd802d8a7fbad4ed1a91bc6e6f2f97a3eaaff7a11f0130117cc250cf9

  • SHA512

    b4989f3563d61daab68fdbfb109c2ccaa1b55eead298f4a872d8597a8b10b0c201e958e0c714efe9bdfb22d1d3ab2d60465f436b00f9515fa7ec5a8821b879e5

  • SSDEEP

    6144:kpU6l0J4Rq9atJ3KZPg9tTBsXsBd53dnc+cruIOYQlnjW4E6ZHxQHDInQHU8HJYU:9KdRqItsu9tTBsX+2ruljoHDJUOH

Malware Config

Targets

    • Target

      Swift_Payment_copy_pdf.jar

    • Size

      560KB

    • MD5

      7993a75d4820b04f116853c89c0aa8e7

    • SHA1

      09d226d5b7a771c946640ec4a1a92f63d1c071be

    • SHA256

      23038f83da0627a0d0abafc562b9d0ace5b09fb16dae54af115957fa4f623165

    • SHA512

      db44afa9716f181bb55186f1f7de3807a84bd75f8cac7322cb627e726aa5d819866748adac543b2259c4b0817b62aae6ad4c849412ac45f43ad5489521e8f4f7

    • SSDEEP

      12288:TaeVSA/3Xk7dRlTRx6u5bx84Or6/OJyi5F93fEsn+o:u8/36BD5bahr6/3i5D8s+o

    • STRRAT

      STRRAT is a remote access tool than can steal credentials and log keystrokes.

    • Drops startup file

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks