strrat | 56f0a10c33da16a1d597d2772bca21ae3e39cc179cf31eef3fa623480580bb61 | Triage

Sharing

General

Target

d375b26e07150dc37dae2ce7d22a586b
Size

102KB
Sample

240318-n73vragh51
MD5

d375b26e07150dc37dae2ce7d22a586b
SHA1

8d4ec9d1b48c5cd2ffaeae674c8e93b489a5c171
SHA256

56f0a10c33da16a1d597d2772bca21ae3e39cc179cf31eef3fa623480580bb61
SHA512

6b388b840e70b988345be952efdce79d830934abb49dcbc6060441a0cd58014de4cd4ed19743adce77ee7af0133fe7db00d10a5d578754fb8d714e9f8925b3ec
SSDEEP

1536:cjSW+gbZj1hXLp8tmGiwvzk//zNpPShwbRWNcRcqrdHc4CSshc/6yN6:cjSW+QZjHX6tgGadAqp8nSsnyM

Score

10^/10

strrat discovery

Malware Config

Extracted

Family

strrat

C2

dollarsat.dynamic-dns.net:1781

dollarsat.dynamic-dns.net:1780

Attributes

license_id
khonsari
plugins_url
http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5
scheduled_task
true
secondary_startup
true
startup
true

Targets

- Target
  
  d375b26e07150dc37dae2ce7d22a586b
- Size
  
  102KB
- MD5
  
  d375b26e07150dc37dae2ce7d22a586b
- SHA1
  
  8d4ec9d1b48c5cd2ffaeae674c8e93b489a5c171
- SHA256
  
  56f0a10c33da16a1d597d2772bca21ae3e39cc179cf31eef3fa623480580bb61
- SHA512
  
  6b388b840e70b988345be952efdce79d830934abb49dcbc6060441a0cd58014de4cd4ed19743adce77ee7af0133fe7db00d10a5d578754fb8d714e9f8925b3ec
- SSDEEP
  
  1536:cjSW+gbZj1hXLp8tmGiwvzk//zNpPShwbRWNcRcqrdHc4CSshc/6yN6:cjSW+QZjHX6tgGadAqp8nSsnyM
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2