strrat | 765fea8fa3d7b416a6d91cd207475ebf0d4f30c0683abbf808f4a588f5a21f7a | Triage

Sharing

General

Target

765fea8fa3d7b416a6d91cd207475ebf0d4f30c0683abbf808f4a588f5a21f7a.zip
Size

400KB
Sample

240717-v4vtasvarh
MD5

44e7ed7db911ca6dbced753332096010
SHA1

ad0a1f0c3f22c1a9d5761e7114b83ad7fc0b7862
SHA256

765fea8fa3d7b416a6d91cd207475ebf0d4f30c0683abbf808f4a588f5a21f7a
SHA512

44185c9a0803939f48862233030e67c3a9410408ed82b457d56c228455043cf033700ae407e11c2ce7300ee0bf3361e39692546b24471c80fadb09c5ec7cdabe
SSDEEP

12288:irx+HTG58bD7Dtc3v7n35XmjcXhP9iNyG:iNaTG5Ou7pDP9Q9

Score

10^/10

strrat persistence stealer trojan

Malware Config

Targets

- Target
  
  765fea8fa3d7b416a6d91cd207475ebf0d4f30c0683abbf808f4a588f5a21f7a.zip
- Size
  
  400KB
- MD5
  
  44e7ed7db911ca6dbced753332096010
- SHA1
  
  ad0a1f0c3f22c1a9d5761e7114b83ad7fc0b7862
- SHA256
  
  765fea8fa3d7b416a6d91cd207475ebf0d4f30c0683abbf808f4a588f5a21f7a
- SHA512
  
  44185c9a0803939f48862233030e67c3a9410408ed82b457d56c228455043cf033700ae407e11c2ce7300ee0bf3361e39692546b24471c80fadb09c5ec7cdabe
- SSDEEP
  
  12288:irx+HTG58bD7Dtc3v7n35XmjcXhP9iNyG:iNaTG5Ou7pDP9Q9
Score

10^/10

strrat persistence stealer trojan
- STRRAT
  STRRAT is a remote access tool than can steal credentials and log keystrokes.
  trojan stealer strrat
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Scheduled Task

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

strratpersistencestealertrojan