strrat | ab74ea8eb5927fc6aa2b9527fa2aba688465d92f75b92be1862880f0cc61e4af | Triage

Submit
Reports

Overview

overview

Static

static

1

ad747e59d4...94.jar

windows7-x64

1

ad747e59d4...94.jar

windows10-2004-x64

Sharing

General

Target

7ca5588c60e103a7ec2531f10f70e7b4.bin
Size

446KB
Sample

240609-d5p6rsda8v
MD5

b0ca9e731a2b58326edcb24760ff2bbf
SHA1

36e0e9f64e1e6870e2db7a210e73c3a766ac773d
SHA256

ab74ea8eb5927fc6aa2b9527fa2aba688465d92f75b92be1862880f0cc61e4af
SHA512

2efe321c404cfc90a65d505195715d0084cac02bd022e13ce90ecb39d821f9d517a452427998f7cde4c4ba161494a9fc1d80e2c01139dfe9f1a4831066793bf5
SSDEEP

12288:b0qt0BmHIdNGJP+mTa6KH1vVkHQT8RI0C+J7JiRzgE:b0qt0Bm+GJRTaRHlV8QoRW+JEL

Score

10^/10

strrat discovery persistence stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

ad747e59d4d15a7585dc5aa943ecd9c3258a7de57a7269c882ff436932f51e94.jar

Resource

win7-20240220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

ad747e59d4d15a7585dc5aa943ecd9c3258a7de57a7269c882ff436932f51e94.jar

Resource

win10v2004-20240226-en

strrat discovery persistence stealer trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  ad747e59d4d15a7585dc5aa943ecd9c3258a7de57a7269c882ff436932f51e94.zip
- Size
  
  452KB
- MD5
  
  7ca5588c60e103a7ec2531f10f70e7b4
- SHA1
  
  12d63977451d2bd0acc917975abb9148a8f9b8d2
- SHA256
  
  ad747e59d4d15a7585dc5aa943ecd9c3258a7de57a7269c882ff436932f51e94
- SHA512
  
  ac1814c1300f7cb87ff3e106aeba2944fd01f3306d35112b99cbd34b3449e218a54ffbba6198a7280cb74438f745f7ad57279a5d17b0bf334359e32e380819b9
- SSDEEP
  
  12288:WUcrdL9fstlH/MH0nSQkGrorW3J+RMhdQE6ZBj2l:wdL9fSlfGY2KorW5+RMhdQEip8
Score

10^/10

strrat discovery persistence stealer trojan
- STRRAT
  STRRAT is a remote access tool than can steal credentials and log keystrokes.
  trojan stealer strrat
- Drops startup file
- Loads dropped DLL
- Modifies file permissions
  discovery
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Scheduled Task/Job

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Defense Evasion

File and Directory Permissions Modification

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

strratdiscoverypersistencestealertrojan

© 2018-2024

Terms | Privacy