Malware Analysis Report

2024-11-13 18:32

Sample ID 231231-dp8yyahea6
Target 25eb4023fba770092e7817c41ee2af7f
SHA256 bf25d7b400a7512ea948f5d98b39bf4729e3292f65dff05a289b779c25d23cea
Tags strrat
Score 10/10

Analysis Overview

score
10/10

SHA256

bf25d7b400a7512ea948f5d98b39bf4729e3292f65dff05a289b779c25d23cea

Threat Level: Known bad

The file 25eb4023fba770092e7817c41ee2af7f was found to be: Known bad.

Malicious Activity Summary

strrat

Strrat family

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2023-12-31 03:12

Signatures

Strrat family

strrat

Analysis: behavioral1

Detonation Overview

Submitted

2023-12-31 03:12

Reported

2024-01-05 08:55

Platform

win7-20231215-en

Max time network

148s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto

Files

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2023-12-31 03:12

Reported

2024-01-05 08:55

Platform

win10v2004-20231215-en

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

N/A

Files

N/A