strrat | 147a2f0b5db31df9dd9ed75cf520cf7b434e26e286392dadbbcaff90df219d28 | Triage

Sharing

General

Target

7e2ab591bedbba74f8eec6456ae47d5d
Size

102KB
Sample

240128-2c3hdsbee9
MD5

7e2ab591bedbba74f8eec6456ae47d5d
SHA1

5c835fdf5fa55493eb7bc9a711a9cf417ded08ed
SHA256

147a2f0b5db31df9dd9ed75cf520cf7b434e26e286392dadbbcaff90df219d28
SHA512

b13365a04eb72e7aedaf8173a196b5ce4a24d81ba1462ac59fbaf7ec568d97b2760643c0d727a7bb125d6a8ce861786102dbbab9dc89fdcc8411cf7031dd5ca4
SSDEEP

1536:rPApu9LxVwivNyje/xCkj4qzzrv1CVftcO7pChN1mb+n1EKF/FZ7FQo9y:xLHZp1jxzrv1C0Vhyb+n1EWdZ5Vy

Score

10^/10

strrat discovery

Malware Config

Extracted

Family

strrat

C2

103.156.90.52:4292

127.0.0.1:4292

Attributes

license_id
61DP-MVTK-7F5S-QIGT-AV1H
plugins_url
http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5
scheduled_task
true
secondary_startup
true
startup
true

Targets

- Target
  
  7e2ab591bedbba74f8eec6456ae47d5d
- Size
  
  102KB
- MD5
  
  7e2ab591bedbba74f8eec6456ae47d5d
- SHA1
  
  5c835fdf5fa55493eb7bc9a711a9cf417ded08ed
- SHA256
  
  147a2f0b5db31df9dd9ed75cf520cf7b434e26e286392dadbbcaff90df219d28
- SHA512
  
  b13365a04eb72e7aedaf8173a196b5ce4a24d81ba1462ac59fbaf7ec568d97b2760643c0d727a7bb125d6a8ce861786102dbbab9dc89fdcc8411cf7031dd5ca4
- SSDEEP
  
  1536:rPApu9LxVwivNyje/xCkj4qzzrv1CVftcO7pChN1mb+n1EKF/FZ7FQo9y:xLHZp1jxzrv1C0Vhyb+n1EWdZ5Vy
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2