strrat | ee5420e42f0a24abc94f91a63dcf822e21eee1536b815972bfcac06e7a2d9cfd | Triage

Sharing

General

Target

ee5420e42f0a24abc94f91a63dcf822e21eee1536b815972bfcac06e7a2d9cfd.jar
Size

182KB
Sample

240320-c9aq7sff5x
MD5

fadc391eb366687b72ef339d5aae261d
SHA1

4c05a869393902fad202fba4b154af41b398c788
SHA256

ee5420e42f0a24abc94f91a63dcf822e21eee1536b815972bfcac06e7a2d9cfd
SHA512

351b1c4120ea217701c81bab8570b61642196ab1d1e3faa60088e90a8f438de976944b7fdc3f355aae1e890f547810c410049166de7a8980f346ccf00e5edf78
SSDEEP

3072:QakzYwQS6NRrYHeT9SbSuxeU6HaZShkSpbj57QaemO9I2xsdzxSN:jnwOTEHeT9tj1b9o/+2xWVW

Score

10^/10

strrat discovery

Malware Config

Extracted

Family

strrat

C2

93.123.39.147:8088

Attributes

license_id
O1D2-3RSR-H341-QFWS-2MFD
plugins_url
http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5
scheduled_task
true
secondary_startup
true
startup
true

Targets

- Target
  
  ee5420e42f0a24abc94f91a63dcf822e21eee1536b815972bfcac06e7a2d9cfd.jar
- Size
  
  182KB
- MD5
  
  fadc391eb366687b72ef339d5aae261d
- SHA1
  
  4c05a869393902fad202fba4b154af41b398c788
- SHA256
  
  ee5420e42f0a24abc94f91a63dcf822e21eee1536b815972bfcac06e7a2d9cfd
- SHA512
  
  351b1c4120ea217701c81bab8570b61642196ab1d1e3faa60088e90a8f438de976944b7fdc3f355aae1e890f547810c410049166de7a8980f346ccf00e5edf78
- SSDEEP
  
  3072:QakzYwQS6NRrYHeT9SbSuxeU6HaZShkSpbj57QaemO9I2xsdzxSN:jnwOTEHeT9tj1b9o/+2xWVW
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2