strrat | bd6ac640b46be854c95ed835f5dfcdeb95559d5b75a222e1b342891233d53ccc | Triage

Sharing

General

Target

2f514a6973bdd72c6f0cb740a88c53be
Size

105KB
Sample

231231-kjq99scga9
MD5

2f514a6973bdd72c6f0cb740a88c53be
SHA1

aa1a3e40ffaabf1d66a269555b9b015e797a0e22
SHA256

bd6ac640b46be854c95ed835f5dfcdeb95559d5b75a222e1b342891233d53ccc
SHA512

731ed2cd864eb5734ca1340d59eccfdc4336fc3ff49f317c14b548dae274bdca86e1d08b69d6ca7df4feee5c1ca3d892872f20c4595c15cc2c6b1a6fcd76ecbd
SSDEEP

3072:QgIITcDXy1FZm/EkRlpo95EBs6XRjgaup:Qhe1F9H9Ms6XRjHup

Score

10^/10

strrat discovery

Malware Config

Extracted

Family

strrat

C2

severdops.ddns.net:2201

Attributes

license_id
P2AP-K06V-U430-8310-7K76
plugins_url
http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5
scheduled_task
true
secondary_startup
true
startup
true

Targets

- Target
  
  2f514a6973bdd72c6f0cb740a88c53be
- Size
  
  105KB
- MD5
  
  2f514a6973bdd72c6f0cb740a88c53be
- SHA1
  
  aa1a3e40ffaabf1d66a269555b9b015e797a0e22
- SHA256
  
  bd6ac640b46be854c95ed835f5dfcdeb95559d5b75a222e1b342891233d53ccc
- SHA512
  
  731ed2cd864eb5734ca1340d59eccfdc4336fc3ff49f317c14b548dae274bdca86e1d08b69d6ca7df4feee5c1ca3d892872f20c4595c15cc2c6b1a6fcd76ecbd
- SSDEEP
  
  3072:QgIITcDXy1FZm/EkRlpo95EBs6XRjgaup:Qhe1F9H9Ms6XRjHup
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2