General

  • Target

    668e93b896784310b143c6d3badd6a89_JaffaCakes118

  • Size

    180KB

  • Sample

    241021-ncx11stcqq

  • MD5

    668e93b896784310b143c6d3badd6a89

  • SHA1

    27ba53fd03ffa08c49cc4135d57c771b98471fdb

  • SHA256

    316779bb551148e0c6f6edeaf90329a123b5e08bfcb6f479ecc7c245e77488da

  • SHA512

    2a89c924790feaa6457172742dad278d6d9777d20110e92a2cb92150287806c075eed7f7c93558f1786acf9e7a24e03b9e7250751051176f7ab34e27b4401334

  • SSDEEP

    3072:saTB3BlHmiB3otJMDq1k3JXylH0wwRjAj0HA+5oGeWfkZgURz/HRAoFY:3txXo8qsMFLwRO8A+eWsZgURTHRAaY

Malware Config

Targets

    • Target

      Solicitação de Cotação.js

    • Size

      184KB

    • MD5

      29a46a991f69322c414cd76707bf04ae

    • SHA1

      0a484d57667361f03619f5e55fc8df61ec48ec6b

    • SHA256

      c480fe7adba62a2d2f5b983c88358306ee204d94eedceae5f72e9c8c0c6e701a

    • SHA512

      25049793b5c8a2e81562153377bea8182fa0967a55534113a1dce787b985d932f2554964c604348024bf785906d75c8de6b361cb3eb8e4336f24f9ff959b0182

    • SSDEEP

      3072:xmc9ypzk6F5Sp8Co92lb5yeCCy3g4PU5wBCuRBx7OEFVxKZlvy+6OnpnbQxwHWku:xRMpQ6F5q8RglQdCyQx14x7OEdYb8wH4

    • STRRAT

      STRRAT is a remote access tool that can steal credentials and log keystrokes.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops startup file

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks