strrat | 2c3c7bb834448fb264ee307b45877b28eacfb51c97c1733fb0f5f12e172a2d66 | Triage

Sharing

General

Target

New order PI 24E8015.jar
Size

182KB
Sample

240319-kfbemseh68
MD5

6931358f3fc8605f88a913672cd3bb2f
SHA1

05058b97361814763d3921808b3058cb7347f1aa
SHA256

2c3c7bb834448fb264ee307b45877b28eacfb51c97c1733fb0f5f12e172a2d66
SHA512

27f2d7d3bdc89292e364a301f5a4263fa4c36588418333c16f6ce0812b038f71300c7242c489e502a9e17d08943aa7b602535944459e4624ad2595c035188e10
SSDEEP

3072:WLiKdwQJ6IIGhKxO9SNr36eE6HaZZhWS26j5I1pemu4Gnxs5z7Up:8lwZPOKxO9wsM69z3Pnxyfg

Score

10^/10

strrat discovery

Malware Config

Extracted

Family

strrat

C2

93.123.39.147:8088

Attributes

license_id
O1D2-3RSR-H341-QFWS-2MFD
plugins_url
http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5
scheduled_task
true
secondary_startup
true
startup
true

Targets

- Target
  
  New order PI 24E8015.jar
- Size
  
  182KB
- MD5
  
  6931358f3fc8605f88a913672cd3bb2f
- SHA1
  
  05058b97361814763d3921808b3058cb7347f1aa
- SHA256
  
  2c3c7bb834448fb264ee307b45877b28eacfb51c97c1733fb0f5f12e172a2d66
- SHA512
  
  27f2d7d3bdc89292e364a301f5a4263fa4c36588418333c16f6ce0812b038f71300c7242c489e502a9e17d08943aa7b602535944459e4624ad2595c035188e10
- SSDEEP
  
  3072:WLiKdwQJ6IIGhKxO9SNr36eE6HaZZhWS26j5I1pemu4Gnxs5z7Up:8lwZPOKxO9wsM69z3Pnxyfg
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2