strrat | 36fe8b9f65dae5e382f1e5cb7fc08fae30df707065a0e3615d753d0215439dc6 | Triage

Sharing

General

Target

StageMix Technologies - Products List, Drawing & Specification.jar
Size

400KB
Sample

240719-mbdqbawbqm
MD5

694e01647c3fe609c82f10ba8e6ae711
SHA1

4fcacbef1ca57541cce0530117b42d6d568ae232
SHA256

36fe8b9f65dae5e382f1e5cb7fc08fae30df707065a0e3615d753d0215439dc6
SHA512

0c4ead6728c2f2327a6b7787f89147181232c76267671f51378d0bfe06efac59d83f54a11bbf6131a1011114905d2b597740dc29fdac2644f7b031a89ca17c8d
SSDEEP

12288:I4OkHTr5nw4MDRA0v7m3jSmDc8/P9iNIm8:IpATr59ISTFP9Qk

Score

10^/10

strrat persistence stealer trojan

Malware Config

Targets

- Target
  
  StageMix Technologies - Products List, Drawing & Specification.jar
- Size
  
  400KB
- MD5
  
  694e01647c3fe609c82f10ba8e6ae711
- SHA1
  
  4fcacbef1ca57541cce0530117b42d6d568ae232
- SHA256
  
  36fe8b9f65dae5e382f1e5cb7fc08fae30df707065a0e3615d753d0215439dc6
- SHA512
  
  0c4ead6728c2f2327a6b7787f89147181232c76267671f51378d0bfe06efac59d83f54a11bbf6131a1011114905d2b597740dc29fdac2644f7b031a89ca17c8d
- SSDEEP
  
  12288:I4OkHTr5nw4MDRA0v7m3jSmDc8/P9iNIm8:IpATr59ISTFP9Qk
Score

10^/10

strrat persistence stealer trojan
- STRRAT
  STRRAT is a remote access tool than can steal credentials and log keystrokes.
  trojan stealer strrat
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Scheduled Task

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

strratpersistencestealertrojan