strrat | 06cfaf2421b7e81f53767e73c3d8731a631ed54697a17c0190adac199449a116 | Triage

Sharing

General

Target

06cfaf2421b7e81f53767e73c3d8731a631ed54697a17c0190adac199449a116.jar
Size

175KB
Sample

240324-cfajcaag5x
MD5

26d3379ac09e8ceb0d88c1143dcf2446
SHA1

f4becfe1c6d0622a67071b513a163babbae16bfd
SHA256

06cfaf2421b7e81f53767e73c3d8731a631ed54697a17c0190adac199449a116
SHA512

48c67ee68cf34de03484726e0beab9a97b61c2b98cc21049f852dd790449f580721d8d3d6326412c974769bb4ed144ac0bfb73eb0d9a20caba0d5afaf09bdc99
SSDEEP

3072:AI4ZqwQ46LT9iV0R9STkczeU6HaZIhUSnFj5dKEem6noMzBVp:FjwUP0V0R9rRLF9+7oMlL

Score

10^/10

strrat discovery

Malware Config

Extracted

Family

strrat

C2

93.123.39.147:8088

Attributes

license_id
O1D2-3RSR-H341-QFWS-2MFD
plugins_url
http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5
scheduled_task
true
secondary_startup
true
startup
true

Targets

- Target
  
  06cfaf2421b7e81f53767e73c3d8731a631ed54697a17c0190adac199449a116.jar
- Size
  
  175KB
- MD5
  
  26d3379ac09e8ceb0d88c1143dcf2446
- SHA1
  
  f4becfe1c6d0622a67071b513a163babbae16bfd
- SHA256
  
  06cfaf2421b7e81f53767e73c3d8731a631ed54697a17c0190adac199449a116
- SHA512
  
  48c67ee68cf34de03484726e0beab9a97b61c2b98cc21049f852dd790449f580721d8d3d6326412c974769bb4ed144ac0bfb73eb0d9a20caba0d5afaf09bdc99
- SSDEEP
  
  3072:AI4ZqwQ46LT9iV0R9STkczeU6HaZIhUSnFj5dKEem6noMzBVp:FjwUP0V0R9rRLF9+7oMlL
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2