strrat | 9177ca34e9e0244328e0b83f083b02e95bcd4893bcea21e216378ac3243333f6 | Triage

Sharing

General

Target

8553abaf8344cad053d55fe59f527c9e
Size

99KB
Sample

240131-3b1g3sgdaj
MD5

8553abaf8344cad053d55fe59f527c9e
SHA1

1173f23df96286b917ed5152d89b355a8d6aed4e
SHA256

9177ca34e9e0244328e0b83f083b02e95bcd4893bcea21e216378ac3243333f6
SHA512

59140beebae04b666fe30f7f80d2f32c5eefbce9bafc402aa7e99e534feec3a7d8a10f6fbe12a4a4b4654792d91d13e060bfa32ed245ec63ab9d5aac7d7b31f8
SSDEEP

3072:uzn2hOVG6lpY0UTlB0o53BGFWaCu4h4q0FL2q:uahOPhUj0oLGFWlu4hGFV

Score

10^/10

strrat discovery

Malware Config

Extracted

Family

strrat

C2

severdops.ddns.net:2201

Attributes

license_id
P2AP-K06V-U430-8310-7K76
plugins_url
http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5
scheduled_task
true
secondary_startup
true
startup
true

Targets

- Target
  
  IMAGE04082021.jar
- Size
  
  105KB
- MD5
  
  2f514a6973bdd72c6f0cb740a88c53be
- SHA1
  
  aa1a3e40ffaabf1d66a269555b9b015e797a0e22
- SHA256
  
  bd6ac640b46be854c95ed835f5dfcdeb95559d5b75a222e1b342891233d53ccc
- SHA512
  
  731ed2cd864eb5734ca1340d59eccfdc4336fc3ff49f317c14b548dae274bdca86e1d08b69d6ca7df4feee5c1ca3d892872f20c4595c15cc2c6b1a6fcd76ecbd
- SSDEEP
  
  3072:QgIITcDXy1FZm/EkRlpo95EBs6XRjgaup:Qhe1F9H9Ms6XRjHup
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2