strrat | eecbb9d50663e28777057e83cb5f82cd10e405438ee7cc27f17e880767111377 | Triage

Sharing

General

Target

Pedido N°2024-08-0004_pdf.jar
Size

218KB
Sample

240408-mwn2safd25
MD5

f2d80c038d90b222e05e229ecde3527a
SHA1

2b97fcf8172da5829216fca04de13c0f66744cd1
SHA256

eecbb9d50663e28777057e83cb5f82cd10e405438ee7cc27f17e880767111377
SHA512

f3f0f7b95b01ab5231ba5559b05ab433a5f5079c6c490be8f58bb67cc38898f45322d6b30b5c2ad393c89fb7d136aee8c13340d123998dd77f589d97177251f9
SSDEEP

6144:E2aXQ9rZEKIq1yvksjXoMYl29KTyudyTCYKjmEL:4wlIqAvks7GqcsTymM

Score

10^/10

strrat discovery

Malware Config

Extracted

Family

strrat

C2

sandshoe.myfirewall.org:5851

Attributes

license_id
CYS7-AXVX-CX3F-09JX-D5FO
plugins_url
http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5
scheduled_task
true
secondary_startup
true
startup
true

Targets

- Target
  
  Pedido N°2024-08-0004_pdf.jar
- Size
  
  218KB
- MD5
  
  f2d80c038d90b222e05e229ecde3527a
- SHA1
  
  2b97fcf8172da5829216fca04de13c0f66744cd1
- SHA256
  
  eecbb9d50663e28777057e83cb5f82cd10e405438ee7cc27f17e880767111377
- SHA512
  
  f3f0f7b95b01ab5231ba5559b05ab433a5f5079c6c490be8f58bb67cc38898f45322d6b30b5c2ad393c89fb7d136aee8c13340d123998dd77f589d97177251f9
- SSDEEP
  
  6144:E2aXQ9rZEKIq1yvksjXoMYl29KTyudyTCYKjmEL:4wlIqAvks7GqcsTymM
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2