strrat | 213005ac3eed9e5dfa0b00b24cf04cb9ca484b940799c47b095834681e23b807 | Triage

Sharing

General

Target

213005ac3eed9e5dfa0b00b24cf04cb9ca484b940799c47b095834681e23b807.jar
Size

177KB
Sample

240327-cleegsdb6s
MD5

9c7eaf398d41438251ea4b2c695eb250
SHA1

f7e64b03c8569ab52c2266d7843f2766563196c1
SHA256

213005ac3eed9e5dfa0b00b24cf04cb9ca484b940799c47b095834681e23b807
SHA512

58ee596609eed64712a87be054f7fbcd4f27ce6c81cfcb3e9792002ab40cc346646bbd8556c4d18a64efaa5e1bd8e507613a6ab78bfdd1afedccb81335957704
SSDEEP

3072:rvQfkUNnW5ecEO2VfscDg6HHU6XOzqQBznk7VPyXVd7gVPQj1Ab9:bXUNl/ecDgmHtkzk7Vqld7eZ

Score

10^/10

strrat discovery

Malware Config

Extracted

Family

strrat

C2

185.222.58.38:8088

Attributes

license_id
W8SW-IRVO-U5T5-X2TN-XZ0D
plugins_url
http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5
scheduled_task
true
secondary_startup
true
startup
true

Targets

- Target
  
  213005ac3eed9e5dfa0b00b24cf04cb9ca484b940799c47b095834681e23b807.jar
- Size
  
  177KB
- MD5
  
  9c7eaf398d41438251ea4b2c695eb250
- SHA1
  
  f7e64b03c8569ab52c2266d7843f2766563196c1
- SHA256
  
  213005ac3eed9e5dfa0b00b24cf04cb9ca484b940799c47b095834681e23b807
- SHA512
  
  58ee596609eed64712a87be054f7fbcd4f27ce6c81cfcb3e9792002ab40cc346646bbd8556c4d18a64efaa5e1bd8e507613a6ab78bfdd1afedccb81335957704
- SSDEEP
  
  3072:rvQfkUNnW5ecEO2VfscDg6HHU6XOzqQBznk7VPyXVd7gVPQj1Ab9:bXUNl/ecDgmHtkzk7Vqld7eZ
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2