strrat | 4dbff816078ea1a3d68f2c41d8f02b0e3f8d66abba23cfdb09f21e8610f11d48 | Triage

Sharing

General

Target

5bab8dc21469e0cb7634663133a87b49
Size

109KB
Sample

240115-ayp1msfab3
MD5

5bab8dc21469e0cb7634663133a87b49
SHA1

410ee42993b8df0016a64fc6dcb8791302766742
SHA256

4dbff816078ea1a3d68f2c41d8f02b0e3f8d66abba23cfdb09f21e8610f11d48
SHA512

39bd26766b0670256730911676bb5e3d5deda2809a611db56a2c7841e8088f2ce71984f54a381e0c8ac542787a0f88e67ea6c9b4d00a90e33ba748e8914e4852
SSDEEP

3072:/0AI4r/zd/tssGMSRGXRK68dJOFdjSH8mRdV:MBEzd/tyRw8dgDjSNdV

Score

10^/10

strrat discovery

Malware Config

Extracted

Family

strrat

C2

severdops.ddns.net:2201

Attributes

license_id
P2AP-K06V-U430-8310-7K76
plugins_url
http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5
scheduled_task
true
secondary_startup
true
startup
true

Targets

- Target
  
  5bab8dc21469e0cb7634663133a87b49
- Size
  
  109KB
- MD5
  
  5bab8dc21469e0cb7634663133a87b49
- SHA1
  
  410ee42993b8df0016a64fc6dcb8791302766742
- SHA256
  
  4dbff816078ea1a3d68f2c41d8f02b0e3f8d66abba23cfdb09f21e8610f11d48
- SHA512
  
  39bd26766b0670256730911676bb5e3d5deda2809a611db56a2c7841e8088f2ce71984f54a381e0c8ac542787a0f88e67ea6c9b4d00a90e33ba748e8914e4852
- SSDEEP
  
  3072:/0AI4r/zd/tssGMSRGXRK68dJOFdjSH8mRdV:MBEzd/tyRw8dgDjSNdV
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2