General
- Target: Final Payment Invoice.jar
- Size: 218KB
- Sample: 230621-g8cavshb5v
- MD5: a815ac738840c8682aa245ab42476d19
- SHA1: 3617a9293fbe42ae26cd1c3423ff0a117999d952
- SHA256: a67fc3dec1318660696b553653929426bc6a061031de462ab57ceace5754a821
- SHA512: 195a93dec560c21281e8206a6dd472a4b06e29ebd49b94f688938cccc1684b9cfaa9d257ecce7d058b9769d23ebedb030f8ef0d9b1682d131c7a98360af825fd
- SSDEEP: 6144:eRSMKMKwBT6AqCSzH+mYol+vr+Wp04TwA:eRSJtKOvCSzemhl+vr+uTwA
Behavioral tasks (sample, resource)
- behavioral1: carLambo/EpWofAJVbFslmSVoJiOKl.class, win7-20230220-en
- behavioral2: carLambo/EpWofAJVbFslmSVoJiOKl.class, win10v2004-20230220-en
- behavioral3: carLambo/FirstRun.class, win7-20230220-en
- behavioral4: carLambo/FirstRun.class, win10v2004-20230220-en
- behavioral5: carLambo/GDI32.class, win7-20230220-en
- behavioral6: carLambo/GDI32.class, win10v2004-20230221-en
- behavioral7: carLambo/HBrowserNativeApis.class, win7-20230220-en
- behavioral8: carLambo/HBrowserNativeApis.class, win10v2004-20230220-en
- behavioral9: carLambo/Kernel32.class, win7-20230220-en
- behavioral10: carLambo/Kernel32.class, win10v2004-20230220-en
- behavioral11: carLambo/KhMkDuVtwQiqTmvRKNRUO.class, win7-20230220-en
- behavioral12: carLambo/KhMkDuVtwQiqTmvRKNRUO.class, win10v2004-20230220-en
- behavioral13: carLambo/MvtPefgRyYqmhJkLbJFZM.class, win7-20230220-en
- behavioral14: carLambo/MvtPefgRyYqmhJkLbJFZM.class, win10v2004-20230220-en
- behavioral15: carLambo/ODxCDSlzXcVsVaqVcnjYn.class, win7-20230220-en
- behavioral16: carLambo/ODxCDSlzXcVsVaqVcnjYn.class, win10v2004-20230221-en
- behavioral17: carLambo/QULuOzqHXCcwKyTrdxVnN.class, win7-20230220-en
- behavioral18: carLambo/QULuOzqHXCcwKyTrdxVnN.class, win10v2004-20230220-en
- behavioral19: carLambo/RZyWOkqJLQlVrMxWGpvsk.class, win7-20230220-en
- behavioral20: carLambo/RZyWOkqJLQlVrMxWGpvsk.class, win10v2004-20230220-en
- behavioral21: carLambo/VQZSJWtbIIIWStAmVeEzG.class, win7-20230220-en
- behavioral22: carLambo/VQZSJWtbIIIWStAmVeEzG.class, win10v2004-20230221-en
- behavioral23: carLambo/WeZvnzdveHuSZcFllCmbF.class, win7-20230220-en
- behavioral24: carLambo/WeZvnzdveHuSZcFllCmbF.class, win10v2004-20230220-en
- behavioral25: carLambo/XYRGkdetsPPNCXpnbnjzm.class, win7-20230220-en
- behavioral26: carLambo/XYRGkdetsPPNCXpnbnjzm.class, win10v2004-20230220-en
- behavioral27: carLambo/ZBbWBpgOmMTESxYNmfXpX.class, win7-20230220-en
- behavioral28: carLambo/ZBbWBpgOmMTESxYNmfXpX.class, win10v2004-20230220-en
- behavioral29: carLambo/cnrXdWOSpajnDCDOTKUUo.class, win7-20230220-en
- behavioral30: carLambo/cnrXdWOSpajnDCDOTKUUo.class, win10v2004-20230220-en
- behavioral31: carLambo/dDWcwWhGOWwQQirQcyCEh.class, win7-20230220-en
- behavioral32: carLambo/dDWcwWhGOWwQQirQcyCEh.class, win10v2004-20230220-en
Malware Config
Extracted: strrat
- microsoftmicrosoftmicrosoft.ydns.eu:4545
- lefteriskkokkiskikinew.ydns.eu:4142
- license_id: XUGN-HLIA-Z9LB-8NGB-WYLV
- plugins_url: http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5
- scheduled_task: true
- secondary_startup: true
- startup: true
Targets

Target: carLambo/EpWofAJVbFslmSVoJiOKl.class
- Size: 8KB
- MD5: c4555f447ac399a4c06d959a7cd797c3
- SHA1: df8a2e267a4d6fe56eaaa44a0810faad501eabf1
- SHA256: 0a9dbefd7ad73ae354e2e2364a44bedf77f525d8a9f255d3d2f318089db62449
- SHA512: c8a287293bfeb96b7527434a44fa86b1a671dbdfb78dce2489a16c5ac446ca9b021b542c9aaf565a5e005734f9c6723f186a653b078970ee62596156f0633ccb
- SSDEEP: 192:X5ss1fbpE2oJnIrMpzw/P0GLEVJXTw6a0cuf:X5sKjpE2eIrAAqJjwDe
- Score: 3/10

Target: carLambo/FirstRun.class
- Size: 8KB
- MD5: 318972286d87825587e5e3aec831c456
- SHA1: 3d88392cfddad6d545df17fed75b382b1a99354b
- SHA256: 6806d4b789483e7b823ecb155368003c4cb5b6cbd23c85283a70ccc1de4748d6
- SHA512: 605af3ba5801bd9183798452e714ebdf9b4fb33f87ddbcdc18cf3c4bdaf70a6b1635c7fd9136433e059b104dae1e38b265f706939dd4355caea672dd99f3ed10
- SSDEEP: 192:FKAtYPjQV2xLZgL42TA0qlJVHO5UNbkPs06z:FKgQCMLZgL42MzuUbkPsL
- Score: 3/10

Target: carLambo/GDI32.class
- Size: 254B
- MD5: 0d10e33d7f1cd0d7a989be6383eb3eeb
- SHA1: 2fa9809c21932b25077b138a861a3008b90c58ee
- SHA256: 1f57a75d656981e79a0807088ad4cee9131c74263e0ec74bf92cc535c2292423
- SHA512: e0963e9fe35e25e48fbe25dd94ef423836609074c93d93c0dfffa250fb6cce54fedb80a26a3511fac8253372fd33f945d2c86a7fc21e7bab9fc40b60c9062cbe
- Score: 3/10

Target: carLambo/HBrowserNativeApis.class
- Size: 4KB
- MD5: 37c626e65556250e1f4aa28f13f50ec6
- SHA1: ee3e78187da5c39b74b1533d4d9ccdc3d9f6a81b
- SHA256: aaa4e40550968e043121b557d06685abe8c04f7e2e0407d89626641615dec902
- SHA512: 29f0ed02c33cad8529901f16837cb100738a79c74c5e3d70721720b7b8cd540d3acf4a2183bd57ad4890d8857a329e0a3237c4b2b3d26346823c91609ea8cedd
- SSDEEP: 96:m7+cJ4rh4i/H5zhKp9wFWmWYaouGF/jE7:Hq4J/HtUPdmTahGVjk
- Score: 3/10

Target: carLambo/Kernel32.class
- Size: 240B
- MD5: e3f75446ab3124fc215c8361fcc09124
- SHA1: 4844e5e11ee17d5d9019c1dbf7458488f64375bd
- SHA256: 50c9b0ca5e829c97fa34c2470197a123ec5d993e9b88c5b0e2158e3488d41885
- SHA512: 88d3c1caefa5742174562e7b271e101026993a703949cbc94f9a26695b3d20a7f626915b54ff8ed6fe6e1aff0725acc614864260544e427e838e594d8295bc8b
- Score: 3/10

Target: carLambo/KhMkDuVtwQiqTmvRKNRUO.class
- Size: 1KB
- MD5: f2beb729d761d08cdb93727c833c9317
- SHA1: 8c8527f858cdd37a3e1d3d589bf86076323f337a
- SHA256: 7a6dc25dd332386cd5c412b7f9b7dc3aa7530a5db420132d5181ea870840cfc1
- SHA512: ad0a2650bd7945e9d8e765127618c3be1c02fdd036afa9253d48cf18dfafe0348ac9f8cada4f5ffd10773fe252a425dd8df4590a4cecdb122b1f0d4166a9250d
- Score: 3/10

Target: carLambo/MvtPefgRyYqmhJkLbJFZM.class
- Size: 120B
- MD5: 2122046e66fe6e48bf0cf839b70b10aa
- SHA1: 3f3af3f3addf916e230da7095714a55bb942de95
- SHA256: 64174c1a737567309431281be890841172166f2b8c6326eb70c8ec900f99adae
- SHA512: b0d20ecf0f8355233d67caa11c08b5f11f0c5d561e873787f435bb9da5e2246054e5d4c39c0f40226ba363c36923898c792a9e2d50e366f6faaa1fc693694530
- Score: 3/10

Target: carLambo/ODxCDSlzXcVsVaqVcnjYn.class
- Size: 1KB
- MD5: 97ba92678945879bd6dd5d81c593ffd7
- SHA1: e927f2901221d428c160278807a6c8da22aff497
- SHA256: db7bf72a73c82f1ec8f3425788f27a12f80dcf2a8a933d011fed84fc01b82cb0
- SHA512: c378927c271d21b6d27f2e27b92dcd40ab7d2c7bd6727acef5f055c0ffc60f0e003cfa61fe50806ed90b41820a222aa33532800fed18d107d47f8a00b3fd3d2d
- Score: 3/10

Target: carLambo/QULuOzqHXCcwKyTrdxVnN.class
- Size: 5KB
- MD5: c648ff3be6862d06c018c9c857843713
- SHA1: 8d009a762601efd30a63013a610568dbf42386f9
- SHA256: 73f50ab830091397192545c9abc9a40d6cb25ffda561b7c2407d7011566423ad
- SHA512: 29fbadea9edf92d46f9e726aa881325d2b474e4a841bf4e2e93d63c67a9622dd5490952b2e47c20f7ddbec347e0044dd16b8ee278410043a2a9eff58185acb1c
- SSDEEP: 96:dmryXPjKfnO+MxKM1D0kZ6E8cp0h5dOENZai99jxF8flNMxlcbVPCxIwT:wrSLsjFM1DuPcU5tNZR9VxSlVEIwT
- Score: 3/10

Target: carLambo/RZyWOkqJLQlVrMxWGpvsk.class
- Size: 379B
- MD5: 90a661a215d05231ca3d9f3404339bfc
- SHA1: 0a40431cd7463cbd2631e67c6accfe5774d0af0e
- SHA256: f7bed4fa46b1ba7bef9cfe259f443e243f82a2edf4a56509e0ec076df2be4297
- SHA512: ff1cf5db70ac6619465e761165ae742ca332c988927ea914df65a86a7f01188af6c418985347b90620772e25f27beff89679822a2ebf467139e79edc661a40ad
- Score: 3/10

Target: carLambo/VQZSJWtbIIIWStAmVeEzG.class
- Size: 379B
- MD5: a4e2d16c78c7dbd4a1fc0a970f011ff6
- SHA1: 382b68d45b848eefeb0cf4156abcba264456739a
- SHA256: 18950aa0fefcfa7b437208ecbc3cd903fca1b9534314a86a3d9a63cb68e152fe
- SHA512: 12a500d28c0f0ae69f19316766bb26727bc105a2f5489df14c3d5cc5f80f055e498de667fec6a1859b1b7973e723ee8650b2446c60bf9c27222648d206e3ceb1
- Score: 3/10

Target: carLambo/WeZvnzdveHuSZcFllCmbF.class
- Size: 8KB
- MD5: 8cc6a62f14a44a2ea2c2f7517c52f983
- SHA1: 7831ed081f36096ac0d345f68e5de22f7114fe8a
- SHA256: 2f93018999e997f37e62d54f306112fb4893d19eea294ef7094d6132c3287afd
- SHA512: 4018b7254385eacfa0ae2bb0fa7726fad6cca672d601a46e63392527ac84c462205714c1998cb026ce7cae825c97730eab15ba529ac483924fb3b55ffbb2a27a
- SSDEEP: 96:GctRgFMS8vsU6cy7NU3xovAS6ccIBQ0yexuLJQ3/GufSbbygiG0MowPELrKnqml2:GcPgFMN0qy7NU3xovAn6wLGT+qa2eS9D
- Score: 3/10

Target: carLambo/XYRGkdetsPPNCXpnbnjzm.class
- Size: 378B
- MD5: d84196daebd5733ceb31d4e0115a4fca
- SHA1: 86bf89b4d0a856c7655b17ec8086167d16821d57
- SHA256: 8d3aae3bf55290d8acd75336a5fdb3ecfb747661782f275b625a40478d3af819
- SHA512: eb4e2b8b393cdb04deb116d866056a191a86840a5be5808efeed62b3b4a36349a5bcee6672359405270e94b51979c09c3c254222de5209d7da89ccd3da81bb83
- Score: 3/10

Target: carLambo/ZBbWBpgOmMTESxYNmfXpX.class
- Size: 5KB
- MD5: 18c2f568d7762c2bbead79e1db525182
- SHA1: 3186cc1ed39fa432011f672cc4067b8428f94422
- SHA256: 91b476df57926ec04679c22143ead8a3a7e34eea4dff43aabf8f93499d3e6272
- SHA512: ee512a1d3824440f31db90c2b2c73918dad420ebc010a5cd976e1dd24098f3335cab797ed25814ff3f8a835f843d7faec1785e47a7cb83eb69b91ee092d02bc1
- SSDEEP: 96:VV7fDdMGX3Xzw/e1h+3XOvtQyMuRzkRfjFA+YK9X71VPCw0:D7f6CuGk/YzkRfPBl0
- Score: 3/10

Target: carLambo/cnrXdWOSpajnDCDOTKUUo.class
- Size: 2KB
- MD5: b66fbfcd52d631486dcb3a333adb291b
- SHA1: c9dd15ecdae03b29c2c4a9a2dbf614d1200ddd92
- SHA256: 414cbd7d4fc60195ebb5087c5c0223b64ae4793f1a7ec9bcdf3204e4d29ac79c
- SHA512: 1eeabc6763e3a9f33aa1216b1a518b5897d1fb845f1d1b6cc821cf2ad5856b25e092680e01701002417662e2ac8cad4dbbdc2a498ca80202ef56cbfa58404503
- Score: 3/10

Target: carLambo/dDWcwWhGOWwQQirQcyCEh.class
- Size: 379B
- MD5: 2b8fd9b948b11d75495fbbfad92b88cb
- SHA1: c88f101aa7588f554bcc9c9cd83f631f7bdd8c0e
- SHA256: fef2de74688cc4ea7516eb7838204ff7a8b5bb6b686ba33fec89cace9a9f9482
- SHA512: 0b4c6819a2526248d59dc20b84dfd2c67e53dbe25ff401750fa0440bf3032a42772327faabb5df321c4bb4aa42874a99929c66a25daa2223672f11a079fb6b34
- Score: 3/10