General

  • Target

    announcements

  • Size

    118KB

  • Sample

    231009-kmkxnabf6z

  • MD5

    ba470e0dd508a414932df859f9e3ddc3

  • SHA1

    0f7b6dcde04e0f9b1a913ca5ba904c4640ed4645

  • SHA256

    e7e062110adc359631f2a153b7fea28ecaacc8d36b8f2809df13d91fa5393bd7

  • SHA512

    7aeff5ee9ae0d04282e6f10be206db80ef23bd22c6db41a095a7b5f59c2ed9d63fd361582ad2c7726fce0002872616f3f52461e3d85205f10ba0aed062cc051a

  • SSDEEP

    3072:DEeoeGk3qxg54bPb2/vjBx0knfjgd2P/T3kwl7Rz5hP8jLJql0:DEeoeGk3qxuImbwggIIwl7Rz5hd0

Score
10/10

Malware Config

Extracted

Family

strrat

C2

https://pastebin.com/raw/dFKy3ZDm:13570

https://pastebin.com/raw/dLzt4tRB:13569

Attributes
  • license_id

    W9MZ-7P83-CP8C-A4XM-IP0L

  • plugins_url

    http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5

  • scheduled_task

    true

  • secondary_startup

    true

  • startup

    true

Targets


    Score
    10/10
    • STRRAT

      STRRAT is a remote access tool that can steal credentials and log keystrokes.
