Overview

overview

10

Static

static

1

de9c4c7566...28.jar

windows7-x64

1

de9c4c7566...28.jar

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    de9c4c756623a2893c8ea5a8918ab8796ebe248bc956aba788ba7e84ed420a28.jar

  • Size

    452KB

  • Sample

    240607-dbtbbsge31

  • MD5

    84be8a1b68d7a353710700029fd8349b

  • SHA1

    36663d658ae5a108124c505fb47adb59a09f6733

  • SHA256

    de9c4c756623a2893c8ea5a8918ab8796ebe248bc956aba788ba7e84ed420a28

  • SHA512

    0ffcc35d03e5c4a0314c8d7cc6e707e1ea3cc078f2beeaffa5a89ef56f47e8755932302105ad87b73a7859c38056369f0eda0a3a8ca195ebe647f6ba608f359a

  • SSDEEP

    12288:uUpr2+6KZAuH/MlEntQRGrohbMYLLMhuQ1vnotaS:L2+6KSuf4omKohbVLLMhuQ1vGD

Score
10/10
strratdiscoverypersistencestealertrojan

Malware Config

Targets

    • Target

      de9c4c756623a2893c8ea5a8918ab8796ebe248bc956aba788ba7e84ed420a28.jar

    • Size

      452KB

    • MD5

      84be8a1b68d7a353710700029fd8349b

    • SHA1

      36663d658ae5a108124c505fb47adb59a09f6733

    • SHA256

      de9c4c756623a2893c8ea5a8918ab8796ebe248bc956aba788ba7e84ed420a28

    • SHA512

      0ffcc35d03e5c4a0314c8d7cc6e707e1ea3cc078f2beeaffa5a89ef56f47e8755932302105ad87b73a7859c38056369f0eda0a3a8ca195ebe647f6ba608f359a

    • SSDEEP

      12288:uUpr2+6KZAuH/MlEntQRGrohbMYLLMhuQ1vnotaS:L2+6KSuf4omKohbVLLMhuQ1vGD

    Score
    10/10
    strratdiscoverypersistencestealertrojan

    • STRRAT

      STRRAT is a remote access tool than can steal credentials and log keystrokes.

      trojanstealerstrrat

    • Drops startup file

    • Loads dropped DLL

    • Modifies file permissions

      discovery

    • Adds Run key to start application

      persistence

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks