strrat | 7d1fed6f7a55e3208f33a3e084161f300403d1ad482ed4e04fca355c4807feec | Triage

Sharing

General

Target

New Oder product list.jar
Size

209KB
Sample

240302-v1zm3sfh65
MD5

c340008b05ff34748fbf0ff15c52faaa
SHA1

77886d206e6986724c0b98ed62eff26e04285363
SHA256

7d1fed6f7a55e3208f33a3e084161f300403d1ad482ed4e04fca355c4807feec
SHA512

13a3e34fbd701743d533d897785c5ccb1220ddf36c360e0cf9fd35d32f715a77e39c07c085182b0f548d1627618859b111f144309627802047609a2df687157b
SSDEEP

6144:L2V8BJFHt/MQhSWszygRLaVIkMCmu2PjVmyKa:L2yB39bVs3GIkMCmZKa

Score

10^/10

strrat discovery

Malware Config

Extracted

Family

strrat

C2

tzitziklishop3.ddns.net:7800

103.114.104.158:7800

Attributes

license_id
DB1U-CVGT-7HUG-X0A0-GNWH
plugins_url
http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5
scheduled_task
true
secondary_startup
true
startup
true

Targets

- Target
  
  New Oder product list.jar
- Size
  
  209KB
- MD5
  
  c340008b05ff34748fbf0ff15c52faaa
- SHA1
  
  77886d206e6986724c0b98ed62eff26e04285363
- SHA256
  
  7d1fed6f7a55e3208f33a3e084161f300403d1ad482ed4e04fca355c4807feec
- SHA512
  
  13a3e34fbd701743d533d897785c5ccb1220ddf36c360e0cf9fd35d32f715a77e39c07c085182b0f548d1627618859b111f144309627802047609a2df687157b
- SSDEEP
  
  6144:L2V8BJFHt/MQhSWszygRLaVIkMCmu2PjVmyKa:L2yB39bVs3GIkMCmZKa
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2