strrat | e093519ffea585f56b485b0278d67368a4c0a705c098b622bb91fe127c25cb58 | Triage

Sharing

General

Target

78b6dca5e8d353aebf6f87328cb9c58c
Size

106KB
Sample

240126-3s5s5aacck
MD5

78b6dca5e8d353aebf6f87328cb9c58c
SHA1

2b2cff5ee5c5285c7e62061663976f84537713f5
SHA256

e093519ffea585f56b485b0278d67368a4c0a705c098b622bb91fe127c25cb58
SHA512

2702af06c744afd31832b14397a237b1e86a4e830136fb98431d85fb12026f9bc3e9cb37d17fd29bdf17350d254186a5daba2b2eb21da2ff46cf67cc84f7a37e
SSDEEP

3072:M+3P/hn44wHg1lk4bsQMEsvHCYAjiLV6N8f:MO47g3k4bLsvHFAjiLV6NU

Score

10^/10

strrat discovery

Malware Config

Extracted

Family

strrat

C2

103.156.90.52:4292

127.0.0.1:4292

Attributes

license_id
61DP-MVTK-7F5S-QIGT-AV1H
plugins_url
http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5
scheduled_task
true
secondary_startup
true
startup
true

Targets

- Target
  
  78b6dca5e8d353aebf6f87328cb9c58c
- Size
  
  106KB
- MD5
  
  78b6dca5e8d353aebf6f87328cb9c58c
- SHA1
  
  2b2cff5ee5c5285c7e62061663976f84537713f5
- SHA256
  
  e093519ffea585f56b485b0278d67368a4c0a705c098b622bb91fe127c25cb58
- SHA512
  
  2702af06c744afd31832b14397a237b1e86a4e830136fb98431d85fb12026f9bc3e9cb37d17fd29bdf17350d254186a5daba2b2eb21da2ff46cf67cc84f7a37e
- SSDEEP
  
  3072:M+3P/hn44wHg1lk4bsQMEsvHCYAjiLV6N8f:MO47g3k4bLsvHFAjiLV6NU
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2