strrat | 3fa3afdac631ebaa1b985f68a8022cde39b60be1e7b02e2cdfbcbf3e73d74472 | Triage

Sharing

General

Target

26bbaf5330243120bd7cb98592b723f7_JaffaCakes118
Size

703KB
Sample

241008-2x2ftszeqa
MD5

26bbaf5330243120bd7cb98592b723f7
SHA1

fa166312e25b3c45bf2d1afe85fe60ea02967b94
SHA256

3fa3afdac631ebaa1b985f68a8022cde39b60be1e7b02e2cdfbcbf3e73d74472
SHA512

bf04db80e0ee3e8b3ec07bb78a11c7e7616a89c02379d0714679ed29eee7ed7351637be8244d27292b28583cbbab868c51847776eb05810e9782116c367b3934
SSDEEP

6144:SZTwdqO2MV4EhguLGNBNFH6YiKxqiias1LaUOXnnS93rDFngKHcoJgnAMdjurqG7:3

Score

10^/10

strrat execution persistence stealer trojan

Malware Config

Targets

- Target
  
  26bbaf5330243120bd7cb98592b723f7_JaffaCakes118
- Size
  
  703KB
- MD5
  
  26bbaf5330243120bd7cb98592b723f7
- SHA1
  
  fa166312e25b3c45bf2d1afe85fe60ea02967b94
- SHA256
  
  3fa3afdac631ebaa1b985f68a8022cde39b60be1e7b02e2cdfbcbf3e73d74472
- SHA512
  
  bf04db80e0ee3e8b3ec07bb78a11c7e7616a89c02379d0714679ed29eee7ed7351637be8244d27292b28583cbbab868c51847776eb05810e9782116c367b3934
- SSDEEP
  
  6144:SZTwdqO2MV4EhguLGNBNFH6YiKxqiias1LaUOXnnS93rDFngKHcoJgnAMdjurqG7:3
Score

10^/10

execution strrat persistence stealer trojan
- STRRAT
  STRRAT is a remote access tool than can steal credentials and log keystrokes.
  trojan stealer strrat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Scheduled Task/Job

Scheduled Task

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Scheduled Task

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

strratexecutionpersistencestealertrojan