strrat | 156d5e5d3092bb9a57892de9cc2f46d397bf47cef4dd492573b6a7abbb0a1d98 | Triage

Sharing

General

Target

Bank transfer form.jar
Size

400KB
Sample

240719-wzwqgaxema
MD5

9149f42472342ff8632448b549129005
SHA1

37a99ddbaf3378fcfdec14291effee6b42ff8f06
SHA256

156d5e5d3092bb9a57892de9cc2f46d397bf47cef4dd492573b6a7abbb0a1d98
SHA512

ce2bd20fdf4d3c16bce125505936ac7a6089607cbce2b0eb095c77d259fb83918c9064da0e5fef6570c89e47b4d39e801a82b2732513232a110e07668d6f40ec
SSDEEP

12288:ihfKHT45C1FNDRQFv7J3tZqncVNP9iNON:iluT45gK1dTP9QY

Score

10^/10

strrat persistence stealer trojan

Malware Config

Targets

- Target
  
  Bank transfer form.jar
- Size
  
  400KB
- MD5
  
  9149f42472342ff8632448b549129005
- SHA1
  
  37a99ddbaf3378fcfdec14291effee6b42ff8f06
- SHA256
  
  156d5e5d3092bb9a57892de9cc2f46d397bf47cef4dd492573b6a7abbb0a1d98
- SHA512
  
  ce2bd20fdf4d3c16bce125505936ac7a6089607cbce2b0eb095c77d259fb83918c9064da0e5fef6570c89e47b4d39e801a82b2732513232a110e07668d6f40ec
- SSDEEP
  
  12288:ihfKHT45C1FNDRQFv7J3tZqncVNP9iNON:iluT45gK1dTP9QY
Score

10^/10

strrat persistence stealer trojan
- STRRAT
  STRRAT is a remote access tool than can steal credentials and log keystrokes.
  trojan stealer strrat
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Scheduled Task

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

strratpersistencestealertrojan