strrat | c5bf61e32163c49c0ee9f50a6965ad445aa58619be92fe63752a6ebbfd00e31c | Triage

Sharing

General

Target

090067ccd28dc697d7f84eda16ec894d.bin
Size

404KB
Sample

241016-bcylbsyfjp
MD5

37a9c1bae198c3ce4939cbfebdcc91f3
SHA1

d47c5e37a2f11eb8366bba97d6f1b9f9dce91265
SHA256

c5bf61e32163c49c0ee9f50a6965ad445aa58619be92fe63752a6ebbfd00e31c
SHA512

2a67b1a006beece6b267ff0212e69ce4539cfe60f8d0af1d8d569d4604e858611bd247769f30576825e91450e802b54b38e8b871f951f17f15126ba555b1497c
SSDEEP

12288:N8WX9LaDHYbZ8SDCWN9W3mLnp1Xu79OG4:NZX9ODHYbZ8SDCWN9vLp1YsH

Score

10^/10

strrat persistence stealer trojan

Malware Config

Targets

- Target
  
  e05754709194a77dbb090e99877d0df694b1e86b15afb467a930a5d934a08ac0.jar
- Size
  
  410KB
- MD5
  
  090067ccd28dc697d7f84eda16ec894d
- SHA1
  
  ffe35109e8e015a0a5c851b2762a3d78be64d4d6
- SHA256
  
  e05754709194a77dbb090e99877d0df694b1e86b15afb467a930a5d934a08ac0
- SHA512
  
  2069584c2327f294c207c324dbb3e8c0fa7758799423b255ccf9eb311a7821f08071f316767497747b26b8c0d9be051752d92415e04f343be650a673b779b91f
- SSDEEP
  
  6144:4N1Ezmx5uv9Acyk2ObLaJaJ+rY7J46/jU5VQVCCQVoDF3pKGIH0Qu8r0Rss6E:4NWmxwlAZBObLaJakr03/jFpKXO8r0L
Score

10^/10

strrat persistence stealer trojan
- STRRAT
  STRRAT is a remote access tool than can steal credentials and log keystrokes.
  trojan stealer strrat
- Drops startup file
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Scheduled Task

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

strratpersistencestealertrojan