strrat | 3546d4fa8249cfe559f61262d4914a3808ac7d9239d97ac91d57ef86c858b937 | Triage

Sharing

General

Target

1C24TVT_00005055.pdf.jar
Size

400KB
Sample

240723-hemeeashqr
MD5

0b6fbf92570074872a27c7c770e0df63
SHA1

8e59ba98c196cd3c490ceffbadb3bacf5380d3fe
SHA256

3546d4fa8249cfe559f61262d4914a3808ac7d9239d97ac91d57ef86c858b937
SHA512

bae3b3ceef3d16386ef829d206cd94dd7c2e690d078720bbb5f1c57809569b2f6dd953764c1b8219558bfe7ae5df763fc4ccf7c789d90f562af545c03838f38f
SSDEEP

12288:ujJmHTO5wfXjD5cnv7n3J3ijc3tP9iNSj:utiTO5OiL5fP9Q+

Score

10^/10

strrat persistence stealer trojan

Malware Config

Targets

- Target
  
  1C24TVT_00005055.pdf.jar
- Size
  
  400KB
- MD5
  
  0b6fbf92570074872a27c7c770e0df63
- SHA1
  
  8e59ba98c196cd3c490ceffbadb3bacf5380d3fe
- SHA256
  
  3546d4fa8249cfe559f61262d4914a3808ac7d9239d97ac91d57ef86c858b937
- SHA512
  
  bae3b3ceef3d16386ef829d206cd94dd7c2e690d078720bbb5f1c57809569b2f6dd953764c1b8219558bfe7ae5df763fc4ccf7c789d90f562af545c03838f38f
- SSDEEP
  
  12288:ujJmHTO5wfXjD5cnv7n3J3ijc3tP9iNSj:utiTO5OiL5fP9Q+
Score

10^/10

strrat persistence stealer trojan
- STRRAT
  STRRAT is a remote access tool than can steal credentials and log keystrokes.
  trojan stealer strrat
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Scheduled Task

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

strratpersistencestealertrojan