strrat | 009033a7c6762dfd9f4aceab9eba3241b50491d0d3cff02ca8f6991a0814d4c8 | Triage

Sharing

General

Target

c7adcd12631227ed62d6ab3c995eff01
Size

102KB
Sample

240314-ezryvacf46
MD5

c7adcd12631227ed62d6ab3c995eff01
SHA1

bfe1d108798004af37f8b1d8dcbc4711634cfbab
SHA256

009033a7c6762dfd9f4aceab9eba3241b50491d0d3cff02ca8f6991a0814d4c8
SHA512

61889433fbf01bdd71e587444ac3ca149ef0afdca1f4aa87dd97e1bb071accfa729cfa13d2c087bfbe357257f030a0ebf62dbe008183475b797f2d14d7d13a13
SSDEEP

3072:u5oRowGq8d2X2BW68jzQ8qxwXccO309FWj7:lqnqVmBL8jQm1OE90j7

Score

10^/10

strrat discovery

Malware Config

Extracted

Family

strrat

C2

103.156.90.52:4292

127.0.0.1:4292

Attributes

license_id
61DP-MVTK-7F5S-QIGT-AV1H
plugins_url
http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5
scheduled_task
true
secondary_startup
true
startup
true

Targets

- Target
  
  c7adcd12631227ed62d6ab3c995eff01
- Size
  
  102KB
- MD5
  
  c7adcd12631227ed62d6ab3c995eff01
- SHA1
  
  bfe1d108798004af37f8b1d8dcbc4711634cfbab
- SHA256
  
  009033a7c6762dfd9f4aceab9eba3241b50491d0d3cff02ca8f6991a0814d4c8
- SHA512
  
  61889433fbf01bdd71e587444ac3ca149ef0afdca1f4aa87dd97e1bb071accfa729cfa13d2c087bfbe357257f030a0ebf62dbe008183475b797f2d14d7d13a13
- SSDEEP
  
  3072:u5oRowGq8d2X2BW68jzQ8qxwXccO309FWj7:lqnqVmBL8jQm1OE90j7
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2