strrat | 7d1c70e850bc8b728d25f06292da6f1a92c3cadd780cc3ddbd09a86672b5bd4d | Triage

Sharing

General

Target

c340008b05ff34748fbf0ff15c52faaa.bin
Size

202KB
Sample

240304-ejadvshb9s
MD5

313799f6b80863e77551e4d52b732b8f
SHA1

f704e147786b309cdf32a0b83cb671c4b96bfd68
SHA256

7d1c70e850bc8b728d25f06292da6f1a92c3cadd780cc3ddbd09a86672b5bd4d
SHA512

84c72a46e5266587d70044ce5372d1c4b27960b4c5971b55b9f7ece27b960e0188b5cfe0075d84600e43da75b1fff815618bc069201fbf98a6eec0005de601fe
SSDEEP

6144:5gDioJw3n3pZWPYJCkTBzq0oqiQb3eLXgH8hUzFW:mDpAnHJCkTRq0oqRDeLXgH8Oz8

Score

10^/10

strrat discovery

Malware Config

Extracted

Family

strrat

C2

tzitziklishop3.ddns.net:7800

103.114.104.158:7800

Attributes

license_id
DB1U-CVGT-7HUG-X0A0-GNWH
plugins_url
http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5
scheduled_task
true
secondary_startup
true
startup
true

Targets

- Target
  
  7d1fed6f7a55e3208f33a3e084161f300403d1ad482ed4e04fca355c4807feec.jar
- Size
  
  209KB
- MD5
  
  c340008b05ff34748fbf0ff15c52faaa
- SHA1
  
  77886d206e6986724c0b98ed62eff26e04285363
- SHA256
  
  7d1fed6f7a55e3208f33a3e084161f300403d1ad482ed4e04fca355c4807feec
- SHA512
  
  13a3e34fbd701743d533d897785c5ccb1220ddf36c360e0cf9fd35d32f715a77e39c07c085182b0f548d1627618859b111f144309627802047609a2df687157b
- SSDEEP
  
  6144:L2V8BJFHt/MQhSWszygRLaVIkMCmu2PjVmyKa:L2yB39bVs3GIkMCmZKa
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2