strrat | b8854611b04b7ff0269ba30bc535bc4ec583e639a4385818d80ef6ae9c16fb9d | Triage

Sharing

General

Target

41c176289fce610d62f725d77e3a7d01.zip
Size

99KB
Sample

240104-y19ptsaecr
MD5

41c176289fce610d62f725d77e3a7d01
SHA1

1dae1e614e39617736f087af8974eaccabbec6f2
SHA256

b8854611b04b7ff0269ba30bc535bc4ec583e639a4385818d80ef6ae9c16fb9d
SHA512

6fe3dc69a6f535ab70585e3c24a96f49971cf490be03263076e566d0f3c38f1388790d8b0db02f45ba65dde36c34147722ca374c813cba9dc4d372c4c4755948
SSDEEP

1536:ayNjdW+3p0L6R62S0Wn7xwxMwM7Xpg1XEWW0o37BwAQ/LjA7d9TMMuDTMoT6N:ayK+Z0SyRnlwKRy10z7O1A7ddMMu7TS

Score

10^/10

strrat discovery

Malware Config

Extracted

Family

strrat

C2

185.140.53.196:5052

185.244.30.213:5051

Attributes

license_id
PVW8-WK5J-OZYB-RCGX-ZPVO
plugins_url
http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5
scheduled_task
true
secondary_startup
true
startup
true

Targets

- Target
  
  41c176289fce610d62f725d77e3a7d01.zip
- Size
  
  99KB
- MD5
  
  41c176289fce610d62f725d77e3a7d01
- SHA1
  
  1dae1e614e39617736f087af8974eaccabbec6f2
- SHA256
  
  b8854611b04b7ff0269ba30bc535bc4ec583e639a4385818d80ef6ae9c16fb9d
- SHA512
  
  6fe3dc69a6f535ab70585e3c24a96f49971cf490be03263076e566d0f3c38f1388790d8b0db02f45ba65dde36c34147722ca374c813cba9dc4d372c4c4755948
- SSDEEP
  
  1536:ayNjdW+3p0L6R62S0Wn7xwxMwM7Xpg1XEWW0o37BwAQ/LjA7d9TMMuDTMoT6N:ayK+Z0SyRnlwKRy10z7O1A7ddMMu7TS
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2