strrat | a3b480ce2b82d4b08f7e904e497e222753a731875d67fe5de99b2b144f7ccf48 | Triage

Sharing

General

Target

Quotation.jar
Size

119KB
Sample

210512-zza18h1l5x
MD5

536d2bc29415f705f2e9a26ce0ee349f
SHA1

6e28063ee78e517143ad5363ebd1e036514d6917
SHA256

a3b480ce2b82d4b08f7e904e497e222753a731875d67fe5de99b2b144f7ccf48
SHA512

d860f9edbcf669fb11b638651e92699287dc8ac9ea4a68dce042c7d090b02e8ef0f67d2d1661cf1b5d3348f85d57d620b2a60a9948073d865dd0de008eac63fa

Score

10^/10

strrat persistence stealer trojan

Malware Config

Targets

- Target
  
  Quotation.jar
- Size
  
  119KB
- MD5
  
  536d2bc29415f705f2e9a26ce0ee349f
- SHA1
  
  6e28063ee78e517143ad5363ebd1e036514d6917
- SHA256
  
  a3b480ce2b82d4b08f7e904e497e222753a731875d67fe5de99b2b144f7ccf48
- SHA512
  
  d860f9edbcf669fb11b638651e92699287dc8ac9ea4a68dce042c7d090b02e8ef0f67d2d1661cf1b5d3348f85d57d620b2a60a9948073d865dd0de008eac63fa
Score

10^/10

strrat persistence stealer trojan
- STRRAT
  STRRAT is a remote access tool than can steal credentials and log keystrokes.
  trojan stealer strrat
- Drops startup file
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

strratpersistencestealertrojan

behavioral2