strrat | 6fa54063f8df6a66f260e0afb990050290a51f3bf62ac3637bde4706ae0e48b9 | Triage

Resubmissions

21-01-2025 09:44

250121-lqwn1axqfr 10

16-01-2025 20:53

250116-zprwbaylfz 10

Sharing

General

Target

6fa54063f8df6a66f260e0afb990050290a51f3bf62ac3637bde4706ae0e48b9N.zip
Size

448KB
Sample

250121-lqwn1axqfr
MD5

cbfcb1871689de9ae581077fb14ff9f0
SHA1

3bfaa4103babb57e94be92c3612c98deccef5a0f
SHA256

6fa54063f8df6a66f260e0afb990050290a51f3bf62ac3637bde4706ae0e48b9
SHA512

c7067bf22b6776f857a416b30370c7d783c5551a7f806db2e0c24185e8192e4b40f79f553511ef0fdc74ed87b846bf81bd51a8a74a8fed4e0db4003f7c120d4c
SSDEEP

12288:ou5PgrSyDEC28CabSuJWujUVqTGrw6p4n:yeyYC28CalJrjMqT6B0

Score

10^/10

strrat persistence stealer trojan

Malware Config

Targets

- Target
  
  6fa54063f8df6a66f260e0afb990050290a51f3bf62ac3637bde4706ae0e48b9N.zip
- Size
  
  448KB
- MD5
  
  cbfcb1871689de9ae581077fb14ff9f0
- SHA1
  
  3bfaa4103babb57e94be92c3612c98deccef5a0f
- SHA256
  
  6fa54063f8df6a66f260e0afb990050290a51f3bf62ac3637bde4706ae0e48b9
- SHA512
  
  c7067bf22b6776f857a416b30370c7d783c5551a7f806db2e0c24185e8192e4b40f79f553511ef0fdc74ed87b846bf81bd51a8a74a8fed4e0db4003f7c120d4c
- SSDEEP
  
  12288:ou5PgrSyDEC28CabSuJWujUVqTGrw6p4n:yeyYC28CalJrjMqT6B0
Score

10^/10

strrat persistence stealer trojan
- STRRAT
  STRRAT is a remote access tool than can steal credentials and log keystrokes.
  trojan stealer strrat
- Strrat family
  strrat
- Drops startup file
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Scheduled Task

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

strratpersistencestealertrojan