strrat | dd418fd6827cd6c3b3cda5f0b6f8e8e3b887d82b8ed51a3523475406e4850da7 | Triage

Sharing

General

Target

dd418fd6827cd6c3b3cda5f0b6f8e8e3b887d82b8ed51a3523475406e4850da7.js
Size

202KB
Sample

241024-cstsrazeqb
MD5

99fb9b2b5a775f8ea1ae9e4f8585d1dd
SHA1

37bdbbe6608d8871de738c3ba3cf67dad8b71067
SHA256

dd418fd6827cd6c3b3cda5f0b6f8e8e3b887d82b8ed51a3523475406e4850da7
SHA512

96dd2b5243670f843ea2ad078c19ca312295705f0f69be907f87127c0919f1eaa83a5d545ec3699774811dbdec5cb0e776d4544ab2bc946cfc11a68472317a4c
SSDEEP

6144:DQ+y8BtWEQpsaFj0N2t92UlaztT5dzzd6:kYnZc9lC50

Score

10^/10

strrat execution stealer trojan

Malware Config

Targets

- Target
  
  dd418fd6827cd6c3b3cda5f0b6f8e8e3b887d82b8ed51a3523475406e4850da7.js
- Size
  
  202KB
- MD5
  
  99fb9b2b5a775f8ea1ae9e4f8585d1dd
- SHA1
  
  37bdbbe6608d8871de738c3ba3cf67dad8b71067
- SHA256
  
  dd418fd6827cd6c3b3cda5f0b6f8e8e3b887d82b8ed51a3523475406e4850da7
- SHA512
  
  96dd2b5243670f843ea2ad078c19ca312295705f0f69be907f87127c0919f1eaa83a5d545ec3699774811dbdec5cb0e776d4544ab2bc946cfc11a68472317a4c
- SSDEEP
  
  6144:DQ+y8BtWEQpsaFj0N2t92UlaztT5dzzd6:kYnZc9lC50
Score

10^/10

execution strrat stealer trojan
- STRRAT
  STRRAT is a remote access tool than can steal credentials and log keystrokes.
  trojan stealer strrat
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops startup file
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Scheduled Task/Job

Scheduled Task

Persistence

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Scheduled Task/Job

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

strratexecutionstealertrojan