strrat | 0c10cc3d71089b66a0f5de22c6ebdba38d259ff11e3e06b2e75a47057bb39695 | Triage

Sharing

General

Target

Payment.Telex-pdf (2).jar
Size

316KB
Sample

241014-wnkttsycjc
MD5

fced21ecda2fc3f2f643e9f6bf051ec0
SHA1

26fd205a76f77227b4b4349faa39af1aff0521ab
SHA256

0c10cc3d71089b66a0f5de22c6ebdba38d259ff11e3e06b2e75a47057bb39695
SHA512

f285e1a10b59dce420325f8a77c69a2464951ecee4c0a4d6f0a9465f7b9c6adc878ed870091f3e1b31002c32b47c3cac7ab4bca66165dc286f37ff0772ed7df9
SSDEEP

6144:37sgXtMbe6aAscrO9vOgudC4KrdBa68/ONpqm4TYWqzMvkMeZYu8:3wt0AscS9vjwT0BhLNpqJTG4sMFu8

Score

10^/10

strrat persistence stealer trojan

Malware Config

Targets

- Target
  
  Payment.Telex-pdf (2).jar
- Size
  
  316KB
- MD5
  
  fced21ecda2fc3f2f643e9f6bf051ec0
- SHA1
  
  26fd205a76f77227b4b4349faa39af1aff0521ab
- SHA256
  
  0c10cc3d71089b66a0f5de22c6ebdba38d259ff11e3e06b2e75a47057bb39695
- SHA512
  
  f285e1a10b59dce420325f8a77c69a2464951ecee4c0a4d6f0a9465f7b9c6adc878ed870091f3e1b31002c32b47c3cac7ab4bca66165dc286f37ff0772ed7df9
- SSDEEP
  
  6144:37sgXtMbe6aAscrO9vOgudC4KrdBa68/ONpqm4TYWqzMvkMeZYu8:3wt0AscS9vjwT0BhLNpqJTG4sMFu8
Score

10^/10

strrat persistence stealer trojan
- STRRAT
  STRRAT is a remote access tool than can steal credentials and log keystrokes.
  trojan stealer strrat
- Drops startup file
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Scheduled Task

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

strratpersistencestealertrojan