General

  • Target

    shipmentdocs.jar

  • Size

    204KB

  • Sample

    231002-kz8t9age6y

  • MD5

    6b6a5cf3aebee4a96f3a973a92c70e63

  • SHA1

    bf2b6b17091ccbc21308518bd83abb5df9f968e0

  • SHA256

    96605f60fd31cc43415035301190e995a664f3ead1833b0f19b5df5fc453a2e9

  • SHA512

    e5aac55e137189caffed8d4986297ae3e986e955185e554a4bc28fffc652c04f8e32ab12c80a995e358d827f8c14b49682f54854631fc9106f914889844c1ba1

  • SSDEEP

    3072:0LAz337Qs5ppZHBOTQ0G329Ho/+4M2osa5JurcWQtl+fYpwYOuqROeSbhpovL:XzsEXwTWmoG4e75Juhq+fYwYOJRsPC

Score
10/10

Malware Config

Extracted

Family

strrat

C2

exhibitormails.onmypc.biz:7888

exhibitormails.onmypc.biz:1781

Attributes
  • license_id

    khonsari

  • plugins_url

    http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5

  • scheduled_task

    true

  • secondary_startup

    true

  • startup

    true

Targets

    • Target

      shipmentdocs.jar

    • Size

      204KB

    Score
    4/10
