strrat | 63c6996a03acda7db008bf6d1522b06efdff5fcdf7103b31767ebd47cee72a59 | Triage

Sharing

General

Target

Attachment.jar
Size

209KB
Sample

240301-nm7yzafg5z
MD5

2d5d4212065ca4cd30b1db90d381a709
SHA1

932d1a564bcbf46488d9797c8bfe4463390d0799
SHA256

63c6996a03acda7db008bf6d1522b06efdff5fcdf7103b31767ebd47cee72a59
SHA512

e8e39bbdf062a6097e99752c845ef8ccbe705bce5251c5a68905cfcfcf6139e722cacaaaab733a82b54323b651e5edff07cfff65b3103175f938dceb39cedc37
SSDEEP

6144:+Io8hJ0H//T5pbC8zylRdUVR36TduPPGVmyKb:+IxhuXnm8WGR36Ti6Kb

Score

10^/10

strrat discovery

Malware Config

Extracted

Family

strrat

C2

tzitziklishop3.ddns.net:7800

103.114.104.158:7800

Attributes

license_id
DB1U-CVGT-7HUG-X0A0-GNWH
plugins_url
http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5
scheduled_task
true
secondary_startup
true
startup
true

Targets

- Target
  
  Attachment.jar
- Size
  
  209KB
- MD5
  
  2d5d4212065ca4cd30b1db90d381a709
- SHA1
  
  932d1a564bcbf46488d9797c8bfe4463390d0799
- SHA256
  
  63c6996a03acda7db008bf6d1522b06efdff5fcdf7103b31767ebd47cee72a59
- SHA512
  
  e8e39bbdf062a6097e99752c845ef8ccbe705bce5251c5a68905cfcfcf6139e722cacaaaab733a82b54323b651e5edff07cfff65b3103175f938dceb39cedc37
- SSDEEP
  
  6144:+Io8hJ0H//T5pbC8zylRdUVR36TduPPGVmyKb:+IxhuXnm8WGR36Ti6Kb
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2