strrat | ff3ba1d8de5361dda0d4398fb797cc9e4def93c38485a80a0ac5ed98bb9fdc2a | Triage

Submit
Reports

Overview

overview

Static

static

68398465-I...IMG.js

windows7_x64

68398465-I...IMG.js

windows10_x64

4

Sharing

General

Target

68398465-INVOICE-PO-IMG.js
Size

697KB
Sample

210510-ra9llt7tpx
MD5

0216db9911053cc419ad92f7f35062a4
SHA1

5f8efa0c0b9f0205a581da9d6247143ab643e515
SHA256

ff3ba1d8de5361dda0d4398fb797cc9e4def93c38485a80a0ac5ed98bb9fdc2a
SHA512

aa52161bc7f379ce1f5d66436ae85d06c191fc7272dfa5d3c2412f82aab8a9a83edc6987cb2fabf60379a93d5fd27d56323a8a3589a0ca46942d3df778dd6401

Score

10^/10

strrat persistence stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

68398465-INVOICE-PO-IMG.js

Resource

win7v20210410

strrat persistence stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

68398465-INVOICE-PO-IMG.js

Resource

win10v20210410

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  68398465-INVOICE-PO-IMG.js
- Size
  
  697KB
- MD5
  
  0216db9911053cc419ad92f7f35062a4
- SHA1
  
  5f8efa0c0b9f0205a581da9d6247143ab643e515
- SHA256
  
  ff3ba1d8de5361dda0d4398fb797cc9e4def93c38485a80a0ac5ed98bb9fdc2a
- SHA512
  
  aa52161bc7f379ce1f5d66436ae85d06c191fc7272dfa5d3c2412f82aab8a9a83edc6987cb2fabf60379a93d5fd27d56323a8a3589a0ca46942d3df778dd6401
Score

10^/10

strrat persistence stealer trojan
- STRRAT
  STRRAT is a remote access tool than can steal credentials and log keystrokes.
  trojan stealer strrat
- Drops startup file
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

strratpersistencestealertrojan

behavioral2

© 2018-2024

Terms | Privacy