General

  • Target

    06c02a92d723439a0ab48bc40a7608d3_JC.bin

  • Size

    164KB

  • MD5

    20c6eb2c706c6a171e0023e0f30b4271

  • SHA1

    3766e8aa4fb49682b7a3da3274e9409c7e5058ab

  • SHA256

    404a60da6e5106d73dc438ac02327b721be5f7dbb4fe2d943571ea6f1d7619d8

  • SHA512

    91f5046f5ad09e1e2e4c2f38eda056b81cd241d3d41d308964a3eaa341ba5c1a2bb4e41cd1db89787df2fe428f2b39df229363edd1d441091dafc102bde9f8fc

  • SSDEEP

    3072:mAoAh7bKEyrWMsu8UKIgVBhhr3KPD1SbdW+dOHd4Iw3AUA/fmUq4yGxmFzK:FoKHvi0uhgVJePpShCHOZ37A/rqouO

Score
10/10

Malware Config

Extracted

Family

strrat

C2

microsoftmicrosoftmicrosoft.ydns.eu:4145

lefteriskkokkiskikinew.ydns.eu:4142

Attributes
  • license_id

    XUGN-HLIA-Z9LB-8NGB-WYLV

  • plugins_url

    http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5

  • scheduled_task

    true

  • secondary_startup

    true

  • startup

    true

Files

  • 06c02a92d723439a0ab48bc40a7608d3_JC.bin
    .zip

    Password: infected

  • 5a8822b39d40ecfeb5e7e53a1ba98c1a76b61c4362c132af4658e75074dc487d.jar
    .jar