RULE(RULE ID:716963)

Rule General Information
Release Date: 2024-06-25
Rule Name: Trojan Activity: Malware STRRAT JAR File Inbound Detection
Severity:
CVE ID:
Rule Protection Details
Description: STRRAT is a multi-functional Java-based remote access tool (RAT) known for its data-stealing capabilities and fake ransomware-like behavior. Attackers distribute STRRAT through malicious email campaigns. The RAT can steal browser credentials, log keystrokes, and take remote control of infected systems. This rule detects STRRAT C2 requests, the C2 command up-n-exec issued by the STRRAT server to the client, and the STRRAT client updating its JAR package for RAT activity.
Impact: An attacker could exploit this vulnerability to have an unspecified effect.
Affected OS: Windows, Linux, Others
Reference:
Solutions
Please contact the software vendor for a software patch update.