strrat | d21387f0e105c87fbe306d01cecb7b157ee02978875af513fc0733cbc5a52cf5 | Triage

Sharing

General

Target

a14320e418691e19a1dcc5fbb3a5c950
Size

108KB
Sample

240224-h2z9sach96
MD5

a14320e418691e19a1dcc5fbb3a5c950
SHA1

753ad196ba9325963be982be083defa61e58e876
SHA256

d21387f0e105c87fbe306d01cecb7b157ee02978875af513fc0733cbc5a52cf5
SHA512

da8b9b1693072b57cd181296ed5fd2f1e571b12d4c4419079e2bba07243aee7e772aa85009a8b97026207a3e8e9536144d005dbdd8a7a11d181d109578d1ebc8
SSDEEP

3072:bZ07hOYZ860cicigzJsJG+Aq1tb+xxgv6Y:tehOY/PicpCGnytb+xo

Score

10^/10

strrat discovery

Malware Config

Extracted

Family

strrat

C2

51.255.83.207:77

Attributes

license_id
Q700-KUYB-QL61-6VZM-ZMMN
plugins_url
http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5
scheduled_task
true
secondary_startup
true
startup
true

Targets

- Target
  
  a14320e418691e19a1dcc5fbb3a5c950
- Size
  
  108KB
- MD5
  
  a14320e418691e19a1dcc5fbb3a5c950
- SHA1
  
  753ad196ba9325963be982be083defa61e58e876
- SHA256
  
  d21387f0e105c87fbe306d01cecb7b157ee02978875af513fc0733cbc5a52cf5
- SHA512
  
  da8b9b1693072b57cd181296ed5fd2f1e571b12d4c4419079e2bba07243aee7e772aa85009a8b97026207a3e8e9536144d005dbdd8a7a11d181d109578d1ebc8
- SSDEEP
  
  3072:bZ07hOYZ860cicigzJsJG+Aq1tb+xxgv6Y:tehOY/PicpCGnytb+xo
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2