strrat | 77bbc24723f8ca43d3ebe9d48f86e73bedab3b40c09989e8c7a4119a8eb825f1 | Triage

Sharing

General

Target

DBS Bank Ltd #08042024.jar
Size

219KB
Sample

240408-bxdfwscg3z
MD5

a36e10d9f1563ca1fc064b6c3ac93724
SHA1

1260be3a84fc84319f1db5d223554b73957bb0cb
SHA256

77bbc24723f8ca43d3ebe9d48f86e73bedab3b40c09989e8c7a4119a8eb825f1
SHA512

7556b18bf19b01573a5e0ca6c94988b9c1dc14100557e1ce72865b887aaf0abb43f838f09d80001db0c37ffb9e04e028e766fdb8c3ab70c1c9c1e9848305d68a
SSDEEP

3072:7uGtR/1akrGw650qYa8tfmmm0rvE98r9NEW3R3eGiOuQFYGRVNB4rjeSPFle1NqX:qoRRG19YaUm0rxtFcQFYGRjSrj9+kn

Score

10^/10

strrat discovery

Malware Config

Extracted

Family

strrat

C2

twart.myfirewall.org:5515

Attributes

license_id
CYS7-AXVX-CX3F-09JX-D5FO
plugins_url
http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5
scheduled_task
true
secondary_startup
true
startup
true

Targets

- Target
  
  DBS Bank Ltd #08042024.jar
- Size
  
  219KB
- MD5
  
  a36e10d9f1563ca1fc064b6c3ac93724
- SHA1
  
  1260be3a84fc84319f1db5d223554b73957bb0cb
- SHA256
  
  77bbc24723f8ca43d3ebe9d48f86e73bedab3b40c09989e8c7a4119a8eb825f1
- SHA512
  
  7556b18bf19b01573a5e0ca6c94988b9c1dc14100557e1ce72865b887aaf0abb43f838f09d80001db0c37ffb9e04e028e766fdb8c3ab70c1c9c1e9848305d68a
- SSDEEP
  
  3072:7uGtR/1akrGw650qYa8tfmmm0rvE98r9NEW3R3eGiOuQFYGRVNB4rjeSPFle1NqX:qoRRG19YaUm0rxtFcQFYGRjSrj9+kn
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2