Extracted

• • Target

    5d16505a5abfcfc99095a676f1f0bd64.jar

  • Size

    64KB

  • MD5

    5d16505a5abfcfc99095a676f1f0bd64

  • SHA1

    facfb1f1014ba5f8c8618678a1a9a7f5bf5c35e5

  • SHA256

    39694a390267d62c814460cb461426a78d3d43a701f5877896c8cbec48c7827d

  • SHA512

    a49885eb60f6429c1247ae44bcf806836031a7191078a3b14b47c26b577bd2824d64ab17df8244361e114235600043188eae2794f58f299094976682865dc2cb

  • SSDEEP

    1536:UNWRlwUsz/P+zKG2X2CWYqLvSUWD+YBFBbOl+H/Zm:UNisz/6YriYFfH/Zm

  Score

  10^/10

  strratpersistencestealertrojandiscovery

  • STRRAT

    STRRAT is a remote access tool than can steal credentials and log keystrokes.

    trojanstealerstrrat

  • Drops startup file

  • Modifies file permissions

    discovery

  • Adds Run key to start application

    persistence

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  behavioral1behavioral2