strrat | 461b50051439aafded874b3c252e2d2ca78b3ff4f27413e39ceca3f2d070d6cd | Triage

Sharing

General

Target

2911202301.jar
Size

125KB
Sample

231129-lybnssfe4y
MD5

61821f7547b53052a6691102d30edb39
SHA1

29fb5b476a7212892d8546715e6d706b89f4ca07
SHA256

461b50051439aafded874b3c252e2d2ca78b3ff4f27413e39ceca3f2d070d6cd
SHA512

e4d236e5713017f56cfd6746599479cee9d747b1e8a78dc8cee627d32e330197e641787df93f1221ddb52b4749a42dd9a744f1cf533a79e752ce6f4bda6e4483
SSDEEP

3072:l/BUDrxslF1DI2uEWIjrVrL1seAfLrNNB4:2xslFSJNInN1PL

Score

10^/10

strrat discovery

Malware Config

Extracted

Family

strrat

C2

lestencrypt.dnset.com:7888

lestencrypt.dnset.com:1780

Attributes

license_id
M5NG-QCTM-00LM-3XXT-3I3E
plugins_url
http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5
scheduled_task
true
secondary_startup
true
startup
true

Targets

- Target
  
  2911202301.jar
- Size
  
  125KB
- MD5
  
  61821f7547b53052a6691102d30edb39
- SHA1
  
  29fb5b476a7212892d8546715e6d706b89f4ca07
- SHA256
  
  461b50051439aafded874b3c252e2d2ca78b3ff4f27413e39ceca3f2d070d6cd
- SHA512
  
  e4d236e5713017f56cfd6746599479cee9d747b1e8a78dc8cee627d32e330197e641787df93f1221ddb52b4749a42dd9a744f1cf533a79e752ce6f4bda6e4483
- SSDEEP
  
  3072:l/BUDrxslF1DI2uEWIjrVrL1seAfLrNNB4:2xslFSJNInN1PL
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2