General
Target: PAYMENT-9262023.js
Size: 293KB
Sample: 230926-mprt4age4t
MD5: f3b567669e8b937dc08bc81a2f7bf6ac
SHA1: 383cc6008c5c78178e8e18611a7f4d4dea28d7f4
SHA256: 24d1e734345b0206fd0c673cb5a98f876cf4392c79c5f5dc5237b61ca37afb7c
SHA512: 6eb2ce7251af2a45a9b5c24e4e3674407a3648e56418c68c34476aed0d4a6cecf50bfe2584db7806e9030896708a66a4338dac8a1b50e8529a661bb724e5fc6a
SSDEEP: 6144:R4xBc0zl1+gb1S04ipaJftEXWJcNjVe/510D4cgNO:ReBzCgbrPm6W+NVu10ccgY
Static task: static1
Behavioral task: behavioral1
Sample: PAYMENT-9262023.js
Resource: win7-20230831-en
Malware Config
Extracted
strrat
96.47.233.13:8454
license_id: 7C80-HMCX-T9VH-K5QU-BQT2
plugins_url: http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5
scheduled_task: true
secondary_startup: true
startup: true
Targets
Checks computer location settings
Looks up country code configured in the registry, likely geofence.