General
-
Target
96fad56cee1be508f8a2a15d2ae62995_JaffaCakes118
-
Size
119KB
-
Sample
241124-y2a8natldn
-
MD5
96fad56cee1be508f8a2a15d2ae62995
-
SHA1
c2c876559c4266e80c9d1841825cb0f515b4b71f
-
SHA256
f0d1596a53d0764566c2c306e918d7564519e92e5614f10fb32c3f56d74c40c5
-
SHA512
8a7494d535aa4f2d046f5d2b2945008be83fcb35db68af4b1172432ea202436e22ba59273c262d61190a0d5567a6a21666125144077b84d7c9fff76982578107
-
SSDEEP
3072:z3cSUgKmq1p8PJm8HaRTSYva87Utdj2BFLGvuwR:zpUOqQPErR1va87Sdu4
Static task
static1
Behavioral task
behavioral1
Sample
96fad56cee1be508f8a2a15d2ae62995_JaffaCakes118.jar
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
96fad56cee1be508f8a2a15d2ae62995_JaffaCakes118.jar
Resource
win10v2004-20241007-en
Malware Config
Targets
Target
96fad56cee1be508f8a2a15d2ae62995_JaffaCakes118
Score
10/10
-
Strrat family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Execution
  Command and Scripting Interpreter: 1
    JavaScript: 1
  Scheduled Task/Job: 1
    Scheduled Task: 1
Persistence
  Boot or Logon Autostart Execution: 1
    Registry Run Keys / Startup Folder: 1
  Scheduled Task/Job: 1
    Scheduled Task: 1