General

  • Target

    strrat.zip

  • Size

    189KB

  • Sample

    211126-ktjm6sefb4

  • MD5

    90c2823df38cf182a13c2c9d417ee2d8

  • SHA1

    facfe6fac7011853aac1a3ac2c3cd3c1387adaf3

  • SHA256

    96fe8f167148c9e11d2d65657e40e00c60e33b0c46b7e43642c40a0b61942c50

  • SHA512

    3c2af287303ca9d48064f1a1166dd1bbc6e5f555bb8d1018bdc2bdf21b596d70572fe87ce8531c54a9e7a34c4597ec7342340f43f5493c9fb84423fb5939fe47

Targets

    • Target

      8a3cfa2c1eca307047e5ac1d9b9046064bdad17641ee08d6eee919dc36a80ca3

    • Size

      190KB

    • MD5

      dc550751fff2488186c51f5307d5f633

    • SHA1

      1219651cb85920a609fe07a913800c3bca2173a8

    • SHA256

      8a3cfa2c1eca307047e5ac1d9b9046064bdad17641ee08d6eee919dc36a80ca3

    • SHA512

      f586c648c5badc53e1a97502f6102ccf9145de3a4eda8670751135f56a469d65371b6318196a6c7660d6131b2ec44272ebb8640d88715dcbc44ef8d148e18f12

    • STRRAT

      STRRAT is a remote access tool that can steal credentials and log keystrokes.

    • Drops startup file

    • Loads dropped DLL

    • Adds Run key to start application
