strrat | 4b8d0b78d89d1907b33b64cd146900580c7d50771ad7f224c4aaebec14eb3212 | Triage

Sharing

General

Target

PaymentAdvicejarjarjar.jar
Size

70KB
Sample

230630-rf9qrsec9t
MD5

4761d770468b1b41eb0aa26c57e4e605
SHA1

d5674e55de3521a89b9e0b04bac2b96bf7d187f4
SHA256

4b8d0b78d89d1907b33b64cd146900580c7d50771ad7f224c4aaebec14eb3212
SHA512

4feb251474ac747ff07df3a29c1c70ba0781df2759e90352433500b03143e8f78273087dc17c660b32c7cb62fa5d975daef10dfae52bfb7729d5a007fa8f472c
SSDEEP

1536:qRG3rplWPsBziFqGWGuhqqOGgPqNGAO53N+3:qRGb2meFqGWGuhq3Gpa5303

Score

10^/10

strrat persistence stealer trojan

Malware Config

Targets

- Target
  
  PaymentAdvicejarjarjar.jar
- Size
  
  70KB
- MD5
  
  4761d770468b1b41eb0aa26c57e4e605
- SHA1
  
  d5674e55de3521a89b9e0b04bac2b96bf7d187f4
- SHA256
  
  4b8d0b78d89d1907b33b64cd146900580c7d50771ad7f224c4aaebec14eb3212
- SHA512
  
  4feb251474ac747ff07df3a29c1c70ba0781df2759e90352433500b03143e8f78273087dc17c660b32c7cb62fa5d975daef10dfae52bfb7729d5a007fa8f472c
- SSDEEP
  
  1536:qRG3rplWPsBziFqGWGuhqqOGgPqNGAO53N+3:qRGb2meFqGWGuhq3Gpa5303
Score

10^/10

strrat persistence stealer trojan
- STRRAT
  STRRAT is a remote access tool than can steal credentials and log keystrokes.
  trojan stealer strrat
- Drops startup file
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Registry Run Keys / Startup Folder

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

strratpersistencestealertrojan

behavioral2

strratpersistencestealertrojan