strrat | 680e2aed88d58236825214ef8639e6352c1f677766005c51697b045fb7ebcb5e | Triage

Sharing

General

Target

68.jar
Size

219KB
Sample

240219-t4jwcsgc5x
MD5

48ff25a531c219087a0a071614c49f5b
SHA1

a2305ef71ada6632620165422f5d28dccf87e648
SHA256

680e2aed88d58236825214ef8639e6352c1f677766005c51697b045fb7ebcb5e
SHA512

ead4cb5b17857ffc24cfb9d7876cf96ee60238d0856f0a710348f0384473f1e4543a8c7d8a8b12438a6f47d125a26be512091a87b222423efc830933517b6e48
SSDEEP

6144:cd8xFVsAxU/B6CPGjEFUNCOmckrVZd+VbhSR:cOxFVp+QZ7CzVWba

Score

10^/10

strrat discovery

Malware Config

Extracted

Family

strrat

C2

https://pastebin.com/raw/67b8GSUQ:13470

https://pastebin.com/raw/8umPhg86:13469

Attributes

license_id
AP9X-81G0-30TN-HSIO-6SFI
plugins_url
http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5
scheduled_task
true
secondary_startup
true
startup
true

Targets

- Target
  
  68.jar
- Size
  
  219KB
- MD5
  
  48ff25a531c219087a0a071614c49f5b
- SHA1
  
  a2305ef71ada6632620165422f5d28dccf87e648
- SHA256
  
  680e2aed88d58236825214ef8639e6352c1f677766005c51697b045fb7ebcb5e
- SHA512
  
  ead4cb5b17857ffc24cfb9d7876cf96ee60238d0856f0a710348f0384473f1e4543a8c7d8a8b12438a6f47d125a26be512091a87b222423efc830933517b6e48
- SSDEEP
  
  6144:cd8xFVsAxU/B6CPGjEFUNCOmckrVZd+VbhSR:cOxFVp+QZ7CzVWba
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2