strrat | d4f46e2bc502de0d49fc2f261e066dc6b658c778d253fbe846fcc80dcd4c8d9e | Triage

Submit
Reports

Overview

overview

Static

static

0a830444a8...f9.jar

windows7-x64

0a830444a8...f9.jar

windows10-2004-x64

Sharing

General

Target

0a830444a8c87e98ea93f7e726ecf1aa22aa07799bf6d374edc2c5dfdde511f9.zip
Size

62KB
Sample

240626-vygpgsxcql
MD5

2eb3cb978a6cf138ffe0771cc0f381f0
SHA1

2c20b71be9e9428d45eef3d2f546f6f379dcee70
SHA256

d4f46e2bc502de0d49fc2f261e066dc6b658c778d253fbe846fcc80dcd4c8d9e
SHA512

6858c75891a34ef9c02f9b7fcc103bc841c8f804174e81c9789bca54cde1bcfeb3c701f24f45715b58f85d1cc56e4c94c39373d9537aae9cb2e7337e37d3584f
SSDEEP

1536:oo1MTimuzPrbL69hbDiG6Cmtlci3o1Ty7A+NRvLvw206:B2EzDH6POymtlci3opy7zzLY27

Score

10^/10

strrat discovery persistence stealer trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

0a830444a8c87e98ea93f7e726ecf1aa22aa07799bf6d374edc2c5dfdde511f9.jar

Resource

win7-20240419-en

strrat persistence stealer trojan

windows7-x64

6 signatures

300 seconds

Behavioral task

behavioral2

Sample

0a830444a8c87e98ea93f7e726ecf1aa22aa07799bf6d374edc2c5dfdde511f9.jar

Resource

win10v2004-20240226-en

strrat discovery persistence stealer trojan

windows10-2004-x64

11 signatures

300 seconds

Malware Config

Targets

- Target
  
  0a830444a8c87e98ea93f7e726ecf1aa22aa07799bf6d374edc2c5dfdde511f9.jar
- Size
  
  64KB
- MD5
  
  f27c858bd876a8b76099a27355ec5a8d
- SHA1
  
  ede4b114704aa305aa5d8a38efac970870c8830f
- SHA256
  
  0a830444a8c87e98ea93f7e726ecf1aa22aa07799bf6d374edc2c5dfdde511f9
- SHA512
  
  e570de2b4777aeea10394bef836454242408aea2fa953e5af52da3d0e200baa560d2a3732ebc69becff7a6acc1a9d2b4a1b5c430420a6cc47a9efe278500d721
- SSDEEP
  
  1536:4M/kpUvIa3EVYmmd2ittWJiQYciZbzHbWf9CRkgjaCpwrkd:cUvImEVrEOiQGZrkxEBwa
Score

10^/10

strrat persistence stealer trojan discovery
- STRRAT
  STRRAT is a remote access tool than can steal credentials and log keystrokes.
  trojan stealer strrat
- Drops startup file
- Modifies file permissions
  discovery
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Scheduled Task/Job

Scheduled Task

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Scheduled Task

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Scheduled Task/Job

Scheduled Task

Defense Evasion

File and Directory Permissions Modification

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

strratpersistencestealertrojan

behavioral2

strratdiscoverypersistencestealertrojan

© 2018-2024

Terms | Privacy