General

  • Target

    208909915052021INTKD6SB21150520211242.zip

  • Size

    96KB

  • Sample

    210521-4bebk8yd9j

  • MD5

    b0b91549de1929134a466fd011aaae14

  • SHA1

    fcd6eb8456df7a83fd3f58e56465e5d8cc393cf2

  • SHA256

    54f0c39c27bc4595792d813611bbd5f47b1cd57a33bf805fb141aaad71276fd2

  • SHA512

    9683c4635c4e06dc4959ff5d42651306edf2fb2b8a17aaa1918c472aaeb07b544589e06ccc52d3233f48de92e68573091763fb676414ba231a5443804c5fab78

Malware Config

Targets

    • Target

      208909915052021INTKD6SB21150520211242.jar

    • Size

      102KB

    • MD5

      b46bcbb1ebdad2d2410e06fc3bbe9cfd

    • SHA1

      113008d802efeb6a06e21c370aebbe8c8150db78

    • SHA256

      07bf898dd9b36804622e62d3c0c6488350e734a2f7bd763db78f447fbc403d6c

    • SHA512

      dd427eaf11c09fb4258ac222f7b86ab9ab843350dc2a80ecae977eae4cb9e684cbe8c15eeb211271726e131c0077806eb328a1d3d3ecbbde5a8a78a9bf92f5b7

    • STRRAT

      STRRAT is a remote access tool that can steal credentials and log keystrokes.

    • Drops startup file

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Matrix (ATT&CK v6)

  • Execution

    Scheduled Task (T1053): 1

  • Persistence

    Registry Run Keys / Startup Folder (T1060): 1

    Scheduled Task (T1053): 1

  • Privilege Escalation

    Scheduled Task (T1053): 1

  • Defense Evasion

    Modify Registry (T1112): 1

Tasks