strrat | 46455d4c17db7df0ee626d487ac4ad5c0988460ae0f4c2db7847295ee25588c7 | Triage

Sharing

General

Target

a2c3ec4f67755d54490d35200dd93e55
Size

98KB
Sample

240224-z3cnjsfd9v
MD5

a2c3ec4f67755d54490d35200dd93e55
SHA1

8a9d2dc3e89d80d5637ff3e1397213b4ec834cb7
SHA256

46455d4c17db7df0ee626d487ac4ad5c0988460ae0f4c2db7847295ee25588c7
SHA512

8464908ba753885ca2a30c639cb8beeca09b8c14517962eec3b9995549790f97100210268df7a48c8612d9349822b43646ec6df09b3a3b7daf9e7a0224f12ba2
SSDEEP

1536:Wdl51OeweysVpVGuJD7ANc5OMsdgN1P1wIG/FfizLtxXud6hGu3M:WWeVnGuJfASsdW1qFYz/dg

Score

10^/10

strrat discovery

Malware Config

Extracted

Family

strrat

C2

51.255.83.207:77

Attributes

license_id
Q700-KUYB-QL61-6VZM-ZMMN
plugins_url
http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5
scheduled_task
true
secondary_startup
true
startup
true

Targets

- Target
  
  a2c3ec4f67755d54490d35200dd93e55
- Size
  
  98KB
- MD5
  
  a2c3ec4f67755d54490d35200dd93e55
- SHA1
  
  8a9d2dc3e89d80d5637ff3e1397213b4ec834cb7
- SHA256
  
  46455d4c17db7df0ee626d487ac4ad5c0988460ae0f4c2db7847295ee25588c7
- SHA512
  
  8464908ba753885ca2a30c639cb8beeca09b8c14517962eec3b9995549790f97100210268df7a48c8612d9349822b43646ec6df09b3a3b7daf9e7a0224f12ba2
- SSDEEP
  
  1536:Wdl51OeweysVpVGuJD7ANc5OMsdgN1P1wIG/FfizLtxXud6hGu3M:WWeVnGuJfASsdW1qFYz/dg
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2