strrat | 0ad50a0c8760fa7bf494835a3b7a853178942082219d3689d10b63ab499f0013 | Triage

Sharing

General

Target

receiptLetter.jar
Size

218KB
Sample

240124-lwmchsfdg3
MD5

5d81412b04fd717dee4692cd86123afd
SHA1

7061472c8d30baf69539188c848ba3d832f52ff5
SHA256

0ad50a0c8760fa7bf494835a3b7a853178942082219d3689d10b63ab499f0013
SHA512

7cb7c711db1d40c84540f568218582eb5e9925f67f6a661fcb29b766f23379371d98ce7cc1b2d2e4a2df977bdf09dd531b0fba1f47a2c2ee979999a830933a8b
SSDEEP

6144:K2dDJ1QpmuH/lNS0GD1+6QVOqzSuSlhcrlV2LepIU9:LBJWmuH/lN1GEP/SuSkd9

Score

10^/10

strrat discovery

Malware Config

Extracted

Family

strrat

C2

binacafe.duckdns.org:6586

127.0.0.1:6586

Attributes

license_id
ON0K-D4YD-8WHU-SHV5-GE8B
plugins_url
http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5
scheduled_task
true
secondary_startup
true
startup
true

Targets

- Target
  
  receiptLetter.jar
- Size
  
  218KB
- MD5
  
  5d81412b04fd717dee4692cd86123afd
- SHA1
  
  7061472c8d30baf69539188c848ba3d832f52ff5
- SHA256
  
  0ad50a0c8760fa7bf494835a3b7a853178942082219d3689d10b63ab499f0013
- SHA512
  
  7cb7c711db1d40c84540f568218582eb5e9925f67f6a661fcb29b766f23379371d98ce7cc1b2d2e4a2df977bdf09dd531b0fba1f47a2c2ee979999a830933a8b
- SSDEEP
  
  6144:K2dDJ1QpmuH/lNS0GD1+6QVOqzSuSlhcrlV2LepIU9:LBJWmuH/lN1GEP/SuSkd9
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2