strrat | 1c943ef00e6f0f8345f26beace6561024b1e22a270cc1f8074e64eb59256a352 | Triage

Sharing

General

Target

Attachment.jar
Size

182KB
Sample

240319-fx4qasbd7w
MD5

8d234a99e59650352bee1917f1a7c748
SHA1

e9481138632e79245a72209ca7c5774755d5c71a
SHA256

1c943ef00e6f0f8345f26beace6561024b1e22a270cc1f8074e64eb59256a352
SHA512

d51ca44e11f0260d015fa8c441fa21a05b4ceee112a1772bbe06d29d6b10d4c0bcb5fa5525a37d089c75a0855a743634a906ad73ffe07c52ff84642ecfe8ba03
SSDEEP

3072:oIMN6wQI6HPZuV0Z9SDks3eU6HaZohUSHVj5F6keme3oExslzVBg:JnwUvAV0Z9Dh7V9GX4ExepK

Score

10^/10

strrat discovery

Malware Config

Extracted

Family

strrat

C2

173.254.204.77:8123

Attributes

license_id
AM80-916G-ZKQ1-G50E-OAMF
plugins_url
http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5
scheduled_task
true
secondary_startup
true
startup
true

Targets

- Target
  
  Attachment.jar
- Size
  
  182KB
- MD5
  
  8d234a99e59650352bee1917f1a7c748
- SHA1
  
  e9481138632e79245a72209ca7c5774755d5c71a
- SHA256
  
  1c943ef00e6f0f8345f26beace6561024b1e22a270cc1f8074e64eb59256a352
- SHA512
  
  d51ca44e11f0260d015fa8c441fa21a05b4ceee112a1772bbe06d29d6b10d4c0bcb5fa5525a37d089c75a0855a743634a906ad73ffe07c52ff84642ecfe8ba03
- SSDEEP
  
  3072:oIMN6wQI6HPZuV0Z9SDks3eU6HaZohUSHVj5F6keme3oExslzVBg:JnwUvAV0Z9Dh7V9GX4ExepK
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2