General
-
Target
Order_Details.js
-
Size
207KB
-
Sample
250218-wm4wbavmbv
-
MD5
eeaadaf8c5d945f8a0f0c0fa01c4dfed
-
SHA1
ffcb938606180bb21a989cb3f2694805c6de0892
-
SHA256
14def6c04f10749ef9f9efce3767d8776a4c40327541a85efad4706a6b496ad1
-
SHA512
37e83d74c320f8a5d04cf070abeb6f90b24ddf2dece4b5894f8410bb9dfe1b7bc731ef70f501a2cee881295a45ea75522f9b38b2a81c8dbdaad16b6d66d15a3c
-
SSDEEP
6144:eQ+BEXXTRePXM9G29OETHy4zhaV8LAlNnIGURb34c:1cblSOEO4zhWLsn
Malware Config
Targets
-
-
Target
Order_Details.js
-
Size
207KB
-
MD5
eeaadaf8c5d945f8a0f0c0fa01c4dfed
-
SHA1
ffcb938606180bb21a989cb3f2694805c6de0892
-
SHA256
14def6c04f10749ef9f9efce3767d8776a4c40327541a85efad4706a6b496ad1
-
SHA512
37e83d74c320f8a5d04cf070abeb6f90b24ddf2dece4b5894f8410bb9dfe1b7bc731ef70f501a2cee881295a45ea75522f9b38b2a81c8dbdaad16b6d66d15a3c
-
SSDEEP
6144:eQ+BEXXTRePXM9G29OETHy4zhaV8LAlNnIGURb34c:1cblSOEO4zhWLsn
Score10/10-
STRRAT
STRRAT is a remote access tool than can steal credentials and log keystrokes.
-
Strrat family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops startup file
-
Loads dropped DLL
-