General
-
Target
m_AP Remittance - L - Ref S158578-3_PDF.zip
-
Size
66KB
-
Sample
230921-te6c3ahb8x
-
MD5
e0626846ef33edb6013bcd2a81d733e6
-
SHA1
4949e675c35df0be361abb5d793cb199dda90d8d
-
SHA256
f7232989ee2ad63a73dac3203924245ee40cafe9a641141ffd8c7768e0853351
-
SHA512
0e43fd3143a3f51f2af417e212596ba7f5ea8afbe7727943f7b517234557a29e9e82d47fafac5b63f3d2e8030a895a9c853c4ba7a12e8b811b24e4cb60807046
-
SSDEEP
1536:/2ku+eZoYDPyhsHVYFD0u8OZG8doPBF4+rbT5TMEfo8H8E3hkC:en+eCOHVYePbnDPmEfo8H8E33
Behavioral task
behavioral1
Sample
AP Remittance - L - Ref S158578-4_PDF.jar
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
AP Remittance - L - Ref S158578-4_PDF.jar
Resource
win10v2004-20230915-en
Malware Config
Extracted
strrat
str01.3utilities.com:8888
127.0.0.1:8888
-
license_id
3H9W-V5UN-LQSP-Z89I-41OC
-
plugins_url
http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5
-
scheduled_task
true
-
secondary_startup
true
-
startup
true
Targets
-
Target
AP Remittance - L - Ref S158578-4_PDF.jar
-
Size
68KB
-
MD5
052f8ca40a7bc61719d275dcbda72790
-
SHA1
a3b43585f2ec3c8ff580f3b810a1fb92a05ec249
-
SHA256
ccaa1364264bf43edefa2f9e1439fa02f5a667fd0f724f620c43842a8e365123
-
SHA512
f7497e0dd59424f35948c132895589cd2359ffdcc996cbb2495233431ea672ff13984ca7dc32022e0ab36c2395d8714191b47f4dae41eaafcdf9ed95c44427b1
-
SSDEEP
1536:iYJBqZs+9H1SDQjGETHlE+hy9b12/aJV14sk1NthMfI6hzRENWJ5q:imcs21osGETHlHhy9b18aJVCseNTmxhs
-
Score
10/10
Drops startup file
-
Adds Run key to start application
-