strrat | 8a56975848a1d89a620394b492ff9ee0c572b986c8823013c7c6ffc41b135626 | Triage

Sharing

General

Target

SOA FROM UNIBEST--JAN-FEB- 2024.jar
Size

182KB
Sample

240320-hysersbc84
MD5

72d880a48d6c4ae3c32f6a740dbfc60c
SHA1

33ab6e72cb5fcc5bb813214b5ca81602f2fb3a3e
SHA256

8a56975848a1d89a620394b492ff9ee0c572b986c8823013c7c6ffc41b135626
SHA512

c2c396e3d3c785ca472a7776d447a69062e296a9f427dadf6d9c977d8fb6345066b4503d864a12ae4a488ce4d4cc6c14f17ef849388f869295b4cdcef0a10ee1
SSDEEP

3072:Yso1+wQs6Xf5uxo99SzQIHes6HaZshUSjRj55Ogem6Dwwxspzxn8:B7wgvcxo9931vR9KD8wxqV8

Score

10^/10

strrat discovery

Malware Config

Extracted

Family

strrat

C2

93.123.39.147:8088

Attributes

license_id
O1D2-3RSR-H341-QFWS-2MFD
plugins_url
http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5
scheduled_task
true
secondary_startup
true
startup
true

Targets

- Target
  
  SOA FROM UNIBEST--JAN-FEB- 2024.jar
- Size
  
  182KB
- MD5
  
  72d880a48d6c4ae3c32f6a740dbfc60c
- SHA1
  
  33ab6e72cb5fcc5bb813214b5ca81602f2fb3a3e
- SHA256
  
  8a56975848a1d89a620394b492ff9ee0c572b986c8823013c7c6ffc41b135626
- SHA512
  
  c2c396e3d3c785ca472a7776d447a69062e296a9f427dadf6d9c977d8fb6345066b4503d864a12ae4a488ce4d4cc6c14f17ef849388f869295b4cdcef0a10ee1
- SSDEEP
  
  3072:Yso1+wQs6Xf5uxo99SzQIHes6HaZshUSjRj55Ogem6Dwwxspzxn8:B7wgvcxo9931vR9KD8wxqV8
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2