Extracted

• • Target

    PTIN_Report_PDF.jar

  • Size

    274KB

  • MD5

    b187065caca5efb5c27b6f7c7e30911e

  • SHA1

    5c95b2d528bb299882c65d96e1b6b40ae73d743e

  • SHA256

    b18a9dead26f002ca14b0edcd77bd06f251863316c6a6aff78fcb98427ee9fca

  • SHA512

    171220711d4dc96c138eeee5ff27c608ab1de1482e98b29bbd96eed386218fe82783d009074cba2a52bd13511c7bf1ffb881ffe28714ec1666fa9c5b8eb8f5ab

  • SSDEEP

    3072:sO+pajBcGuswdmusQpet/j5INeNvNdHT3RobaJTKja21QLc1T:1jGIwdRHpetigF1Vxf2N

  Score

  10^/10

  strratpersistencestealertrojan

  • STRRAT

    STRRAT is a remote access tool than can steal credentials and log keystrokes.

    trojanstealerstrrat

  • Drops startup file

  • Loads dropped DLL

  • Adds Run key to start application

    persistence

  • Looks up external IP address via web service

    Uses a legitimate IP lookup service to find the infected system's external IP.

  behavioral1behavioral2