strrat | 5d30b7b16031ee4e7067544bfd46679ed779acff08d7b9f149a088157ac99c0c | Triage

Sharing

General

Target

3a8408bd24e0c03eff82e67943d10f23.bin
Size

475KB
Sample

240609-b8tl9ace32
MD5

95da747036b8a3d53c23d03379accc11
SHA1

fb0b3b8faf4f177f56ec250c5864ea6ed7895612
SHA256

5d30b7b16031ee4e7067544bfd46679ed779acff08d7b9f149a088157ac99c0c
SHA512

900c11d573be664182ccce01e37eb86b35708b597c3c8010b925f9e2f401ac44bda14412f16b358117cd35534a70a442a98306cf252f9ed58792f6c6b6265b1b
SSDEEP

12288:1FZkndXohxDmCJeDF7IDGgrlABf4073ZJVKTWHzXz0o4T8H:1Ed4DmCJiiDGgqBfh73HVKiBtH

Score

10^/10

strrat discovery persistence stealer trojan

Malware Config

Targets

- Target
  
  3aa407592573d9cdc3527c18d778d71b83dfbc9bc6b638f619229d9d8c51d61d.jar
- Size
  
  481KB
- MD5
  
  3a8408bd24e0c03eff82e67943d10f23
- SHA1
  
  15905ce2e7170b6dd2110d793820665a5d7ea1eb
- SHA256
  
  3aa407592573d9cdc3527c18d778d71b83dfbc9bc6b638f619229d9d8c51d61d
- SHA512
  
  46044d9727ae1ee10dd7f0aa108b3717cb2dccd995d505af115f35edb45b649a47533ccabd50d2a2c44d90a87ababc231e2acc01672dfe35f02eb7b739653d20
- SSDEEP
  
  12288:6tlWvKeQSPEUpTroRFoRb5h7BC2JBMct62xKcO:6fWvlvXoEtMM62S
Score

10^/10

strrat discovery persistence stealer trojan
- STRRAT
  STRRAT is a remote access tool than can steal credentials and log keystrokes.
  trojan stealer strrat
- Drops startup file
- Loads dropped DLL
- Modifies file permissions
  discovery
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Defense Evasion

File and Directory Permissions Modification

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

strratdiscoverypersistencestealertrojan