Resubmissions

31/08/2023, 13:35

230831-qv56fsfc87 10

23/08/2023, 14:07

230823-re2zjacf23 1

General

  • Target

    shipping Bill.pdf.jar

  • Size

    204KB

  • MD5

    fd4b2ed4725ade8e3e30a292712180e6

  • SHA1

    d9531fa6da84a9039a04642d109d1203afc569bf

  • SHA256

    2be131ccb225a25840925193fca29db9699f5b5a53b78cb4b57ee5504f3bf0aa

  • SHA512

    f9493a671a22660ae8a6179d920ccaad28c6f1f0d175e623dfcaf53b09afebc808a66339afadd7d00513cc74d3452726c48a445499c7909863ac4e455cb7faff

  • SSDEEP

    6144:I69k8kdfSjBM7KqeYzb7q2hrxXGuh3OLgTa:IHdAMus/Yula

Score
10/10

Malware Config

Extracted

Family

strrat

C2

recoverall.dns05.com:8082

Attributes
  • license_id

    khonsari

  • plugins_url

    http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5

  • scheduled_task

    true

  • secondary_startup

    true

  • startup

    true

Signatures

Files

  • shipping Bill.pdf.jar
    .jar