strrat | 7a540128e18a205052c12e1ef416df4f7aa0d18a130fd4580aac2fe6991c83c7 | Triage

Sharing

General

Target

7a540128e18a205052c12e1ef416df4f7aa0d18a130fd4580aac2fe6991c83c7.jar
Size

182KB
Sample

240322-dcevbshg3x
MD5

4bb9375408befc34f88aa2ed81bd7d6a
SHA1

211ccad4ebf6678fd31145515d071abea0bf54d0
SHA256

7a540128e18a205052c12e1ef416df4f7aa0d18a130fd4580aac2fe6991c83c7
SHA512

0ef4022e12a7a96b48d224b3ee740e97c1bb6e8033c632d025eaa246dcbb545be67aa1b36219d24dc1459a80f41802a4344ead55c994a424d1c4e777cebb2be3
SSDEEP

3072:IWwzAwQy6xRrY/Cr9SzamFe86HaZahwS1Xj57YOemqVcSxsZzVBr:fzwCTE/Cr9xnNX9cLaSx659

Score

10^/10

strrat discovery

Malware Config

Extracted

Family

strrat

C2

93.123.39.147:8088

Attributes

license_id
O1D2-3RSR-H341-QFWS-2MFD
plugins_url
http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5
scheduled_task
true
secondary_startup
true
startup
true

Targets

- Target
  
  7a540128e18a205052c12e1ef416df4f7aa0d18a130fd4580aac2fe6991c83c7.jar
- Size
  
  182KB
- MD5
  
  4bb9375408befc34f88aa2ed81bd7d6a
- SHA1
  
  211ccad4ebf6678fd31145515d071abea0bf54d0
- SHA256
  
  7a540128e18a205052c12e1ef416df4f7aa0d18a130fd4580aac2fe6991c83c7
- SHA512
  
  0ef4022e12a7a96b48d224b3ee740e97c1bb6e8033c632d025eaa246dcbb545be67aa1b36219d24dc1459a80f41802a4344ead55c994a424d1c4e777cebb2be3
- SSDEEP
  
  3072:IWwzAwQy6xRrY/Cr9SzamFe86HaZahwS1Xj57YOemqVcSxsZzVBr:fzwCTE/Cr9xnNX9cLaSx659
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2