strrat | 59ec302ae2e1ce1d95a445986737455f84961c2287a7b4fc381b601442fb18f2 | Triage

Sharing

General

Target

73b16707becb49081784b85180af8fe6
Size

104KB
Sample

240125-eny8safgd9
MD5

73b16707becb49081784b85180af8fe6
SHA1

4e69a183a5ec727a675efe11910e7a1257887bbd
SHA256

59ec302ae2e1ce1d95a445986737455f84961c2287a7b4fc381b601442fb18f2
SHA512

50aade2433198ea62483bb6ce0b74c9d8060a11d94c441bcd9c58a48551222e57be228cb422e86c485bc5b56e6857450d4799e8bc837cc07dfc34de471b892b0
SSDEEP

1536:a2ekI6k+IGOJ7hMjdNZSFd/H7Fjk8DdE/AbF9mq5RNP3KolPWmP/fZREB4Ajuzt7:aJk/hP27+/cF48Dj7mqLZQmP/fZRZzl

Score

10^/10

strrat discovery

Malware Config

Extracted

Family

strrat

C2

103.156.90.52:4292

127.0.0.1:4292

Attributes

license_id
61DP-MVTK-7F5S-QIGT-AV1H
plugins_url
http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5
scheduled_task
true
secondary_startup
true
startup
true

Targets

- Target
  
  73b16707becb49081784b85180af8fe6
- Size
  
  104KB
- MD5
  
  73b16707becb49081784b85180af8fe6
- SHA1
  
  4e69a183a5ec727a675efe11910e7a1257887bbd
- SHA256
  
  59ec302ae2e1ce1d95a445986737455f84961c2287a7b4fc381b601442fb18f2
- SHA512
  
  50aade2433198ea62483bb6ce0b74c9d8060a11d94c441bcd9c58a48551222e57be228cb422e86c485bc5b56e6857450d4799e8bc837cc07dfc34de471b892b0
- SSDEEP
  
  1536:a2ekI6k+IGOJ7hMjdNZSFd/H7Fjk8DdE/AbF9mq5RNP3KolPWmP/fZREB4Ajuzt7:aJk/hP27+/cF48Dj7mqLZQmP/fZRZzl
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2