General

  • Target

    StrixRat V2.0.7z

  • Size

    596.0MB

  • Sample

    250325-w5jyvszyfz

  • MD5

    ef8572b58bd0210182062c8179803926

  • SHA1

    5be46c4e0f910129626ae640b481b2878f7ff38a

  • SHA256

    7d57c62ff43795711fc426680559c96a3191f3d1bb838abd8a2b35c10b005206

  • SHA512

    5717cc6060f3c8e25095d63c253c52d258e859df64c40e648d296a6aa03b1e4690f94cb89edf0ade97b1f09814efe8ac6bb1384f2600739f7f7f9dce1de69c94

  • SSDEEP

    12582912:RuSP32Odbqk34uq3SZiKHgLLL+2Ls7CxlnzAFBxv3Pof4m7TbA:kS/2OFqc4YiKH0LGFBx3sT8

Malware Config

Targets

    • Target

      StrixRat V2.0.7z

    • Size

      596.0MB

    • Detect Neshta payload

    • Neshta

      Malware from the Neshta family is designed to inject itself into other files in order to spread and cause damage.

    • Neshta family

    • Executes dropped EXE

    • Loads dropped DLL

    • Obfuscated with Agile.Net obfuscator

      Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
