General

  • Target

    c31cee51acf037dd2a09dd6dfddc5e889df9646af5625f827007c5b795b0dbb6.js

  • Size

    205KB

  • Sample

    241024-cl65hazcqg

  • MD5

    b60592cb963de5d1cb804db6c07dd289

  • SHA1

    20c09f859df663850c5f6ec109bc9a5a2831c022

  • SHA256

    c31cee51acf037dd2a09dd6dfddc5e889df9646af5625f827007c5b795b0dbb6

  • SHA512

    253537ea93ebf4c2decacea5a99ef1b7351d839498f690357a9ce6bc57baf2835b40cc7a7d4819a0e69cdfabea28290c0b6f3ea6c71971ca99967c789a59e251

  • SSDEEP

    3072:DQGJLNtKFO/4xaWihrT5UAE5mZgyFz+OOdBdlsNzsQVmWp7:DQ6/n/WaWiha95bQz+OOjdMzsQVmWZ

Malware Config

Targets

    • Target

      c31cee51acf037dd2a09dd6dfddc5e889df9646af5625f827007c5b795b0dbb6.js

    • Size

      205KB

    • MD5

      b60592cb963de5d1cb804db6c07dd289

    • SHA1

      20c09f859df663850c5f6ec109bc9a5a2831c022

    • SHA256

      c31cee51acf037dd2a09dd6dfddc5e889df9646af5625f827007c5b795b0dbb6

    • SHA512

      253537ea93ebf4c2decacea5a99ef1b7351d839498f690357a9ce6bc57baf2835b40cc7a7d4819a0e69cdfabea28290c0b6f3ea6c71971ca99967c789a59e251

    • SSDEEP

      3072:DQGJLNtKFO/4xaWihrT5UAE5mZgyFz+OOdBdlsNzsQVmWp7:DQ6/n/WaWiha95bQz+OOjdMzsQVmWZ

    • STRRAT

      STRRAT is a remote access tool than can steal credentials and log keystrokes.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks