strrat | ddd4445e8ec135b6741c3a2e4bc76c2fe07ee338031fd6841da389503a98438b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1ab2e5692258d40a9fa81cf465595e1a.bin
Size

213KB
Sample

230321-bc995aaa9t
MD5

6ee462fed7932ed5dc03ab122ae3e000
SHA1

73b79e42ed140ae889c7516fac39972e18cdc96e
SHA256

ddd4445e8ec135b6741c3a2e4bc76c2fe07ee338031fd6841da389503a98438b
SHA512

86d095d16159bc7ed7c9deab3eb0bbe4ba52f39a8c3bb125d36665e84def5b730dc73f19be03e6ce3513822114cb8d784111a436fe3a9bde5cac1fa5d199c173
SSDEEP

6144:FwWDfLXgAoezH2G6UDUdmQ4zIWBABPmCkr/zcoMaF+Jscw:FwW4W72G67Yrz5qBWl0w

Score

10^/10

strrat persistence stealer trojan

Malware Config

Targets

- Target
  
  645d88e82d8b0e75ccf0f38443029249598da6729c8eb4beaef021dce5860a7f.jar
- Size
  
  220KB
- MD5
  
  1ab2e5692258d40a9fa81cf465595e1a
- SHA1
  
  8904eb1d116713835ee50f44d36849d4b70617fe
- SHA256
  
  645d88e82d8b0e75ccf0f38443029249598da6729c8eb4beaef021dce5860a7f
- SHA512
  
  5d905dc377e3156ddce19be8d3a3eb7e73398c876aaf0aaaeab98386aa4816392986eb8857abbfca5a5aac5685cf501e4d479185ef56365010469f88caa904a2
- SSDEEP
  
  6144:Pdr9tGNDLN9y6/plymNG9D064w4VE2TP0qdBrK0:PLtGdLT/zPw2fDVE2nBr
Score

10^/10

strrat persistence stealer trojan
- STRRAT
  STRRAT is a remote access tool than can steal credentials and log keystrokes.
  trojan stealer strrat
- Drops startup file
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

strratpersistencestealertrojan

behavioral2