strrat | 945fddfc1fa07995d86ba94d167693ce80f462b3738a6c1c05a5557601aadf2f | Triage

Sharing

General

Target

8c967e80d69f6d0407af817acc034ee9
Size

110KB
Sample

240203-r2lwtsebdq
MD5

8c967e80d69f6d0407af817acc034ee9
SHA1

2dab6fb260d020c40b92280effb4c6f91a97b0ed
SHA256

945fddfc1fa07995d86ba94d167693ce80f462b3738a6c1c05a5557601aadf2f
SHA512

63a9f6fd6ec35bb67eebda6a4f1cbb75a2a4d76a800afbac9b04aa2b65a767aab917fd1ba9bfac96386949b7103f96f9b4b66b7eceb2c09f2506d1b465552e15
SSDEEP

1536:m+6lO77EyNyGSZTvdBxX5CJgOn1HAqnA/GSHLx4hVtjZZ30mlz9YfijW/lS6:mFyYJxX5eggArOSrehHZZEmlx9C/D

Score

10^/10

strrat discovery

Malware Config

Extracted

Family

strrat

C2

51.255.83.207:77

Attributes

license_id
Q700-KUYB-QL61-6VZM-ZMMN
plugins_url
http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5
scheduled_task
true
secondary_startup
true
startup
true

Targets

- Target
  
  8c967e80d69f6d0407af817acc034ee9
- Size
  
  110KB
- MD5
  
  8c967e80d69f6d0407af817acc034ee9
- SHA1
  
  2dab6fb260d020c40b92280effb4c6f91a97b0ed
- SHA256
  
  945fddfc1fa07995d86ba94d167693ce80f462b3738a6c1c05a5557601aadf2f
- SHA512
  
  63a9f6fd6ec35bb67eebda6a4f1cbb75a2a4d76a800afbac9b04aa2b65a767aab917fd1ba9bfac96386949b7103f96f9b4b66b7eceb2c09f2506d1b465552e15
- SSDEEP
  
  1536:m+6lO77EyNyGSZTvdBxX5CJgOn1HAqnA/GSHLx4hVtjZZ30mlz9YfijW/lS6:mFyYJxX5eggArOSrehHZZEmlx9C/D
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2