strrat | aeb801eba402a4f10fd1f15286974f3d524ed21f09e4edce40548d3ec74d329d | Triage

Sharing

General

Target

NEW ORDER.jar
Size

270KB
Sample

250214-falwzasmcn
MD5

2fc3e196a69266976b818ddc4c7833d6
SHA1

a49408dfee4a32da9b342d050ff990abc627d92b
SHA256

aeb801eba402a4f10fd1f15286974f3d524ed21f09e4edce40548d3ec74d329d
SHA512

52c53bf95639f00d41cc2d12e05f27bca8d8417c2abeb2ecde609e3a191f9069c1210fc1851d9f7f514fc15494ac3802a0159c7cc3924ed12d74bdd5d802c4b4
SSDEEP

6144:KqTBRHRPHuWkh9HgQTetWUhv1AyeKDwciWBW:DRHR/uWkh9hehv1ltZW

Score

10^/10

strrat discovery

Malware Config

Extracted

Family

strrat

C2

195.177.95.117:7800

Attributes

license_id
DB1U-CVGT-7HUG-X0A0-GNWH
plugins_url
http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5
scheduled_task
true
secondary_startup
true
startup
true

Targets

- Target
  
  NEW ORDER.jar
- Size
  
  270KB
- MD5
  
  2fc3e196a69266976b818ddc4c7833d6
- SHA1
  
  a49408dfee4a32da9b342d050ff990abc627d92b
- SHA256
  
  aeb801eba402a4f10fd1f15286974f3d524ed21f09e4edce40548d3ec74d329d
- SHA512
  
  52c53bf95639f00d41cc2d12e05f27bca8d8417c2abeb2ecde609e3a191f9069c1210fc1851d9f7f514fc15494ac3802a0159c7cc3924ed12d74bdd5d802c4b4
- SSDEEP
  
  6144:KqTBRHRPHuWkh9HgQTetWUhv1AyeKDwciWBW:DRHR/uWkh9hehv1ltZW
Score

8^/10

discovery
- Downloads MZ/PE file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2