strrat | 3a2d31eb696b7d885e6e9ca633bddd2672950f65d8349577ecb44413366571d1 | Triage

Sharing

General

Target

3a2d31eb696b7d885e6e9ca633bddd2672950f65d8349577ecb44413366571d1.jar
Size

400KB
Sample

240718-s7tdjaydjg
MD5

863973f0d6b66b27bdb617c57a956b42
SHA1

477b46c19bccc5143a71e057c0240a4ea87ca391
SHA256

3a2d31eb696b7d885e6e9ca633bddd2672950f65d8349577ecb44413366571d1
SHA512

18148d1f0bc7059e0e3a24ef58ce46780e62ed6ddf01e044c0c23594c6a7c82046faafdfdc5803644fe08ac670bed31bd2efcab654498a51d8beda0f832f8800
SSDEEP

12288:SBjSHT45m51JD5A1v7V355qjcVJP9iNe9:StWT45weBpDP9Qk

Score

10^/10

strrat persistence stealer trojan

Malware Config

Targets

- Target
  
  3a2d31eb696b7d885e6e9ca633bddd2672950f65d8349577ecb44413366571d1.jar
- Size
  
  400KB
- MD5
  
  863973f0d6b66b27bdb617c57a956b42
- SHA1
  
  477b46c19bccc5143a71e057c0240a4ea87ca391
- SHA256
  
  3a2d31eb696b7d885e6e9ca633bddd2672950f65d8349577ecb44413366571d1
- SHA512
  
  18148d1f0bc7059e0e3a24ef58ce46780e62ed6ddf01e044c0c23594c6a7c82046faafdfdc5803644fe08ac670bed31bd2efcab654498a51d8beda0f832f8800
- SSDEEP
  
  12288:SBjSHT45m51JD5A1v7V355qjcVJP9iNe9:StWT45weBpDP9Qk
Score

10^/10

strrat persistence stealer trojan
- STRRAT
  STRRAT is a remote access tool than can steal credentials and log keystrokes.
  trojan stealer strrat
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Scheduled Task

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

strratpersistencestealertrojan