General

  • Target

    TransferenciabbvafatturaenviadosExwork0093004.jar

  • Size

    219KB

  • Sample

    231030-yx89wsgh74

  • MD5

    87c8f9664c3b71f0b26556c27ca32e80

  • SHA1

    b1c6af2eb43dbbfc1b7b3ce8a96e6c084e206d02

  • SHA256

    e2580cc0724e38ed889f6ac5ad4723c0d64a232090642ced085ddff3b2463fa0

  • SHA512

    d1950f0255255eb5c5dadbeaafab1d70ca843b22fa5c8eea3668f515fdd21336093ef613f72a1ba440d8b304ea8f0d4e0a806cdda44d90cf60ace42710a8d93c

  • SSDEEP

    6144:DVa3mHk5xN2K2W3c/yQwP801EdXMQ0eJReSTzBsBfW:DVkhc/RwdC0wFtsBW

Score
10/10

Malware Config

Extracted

Family

strrat

C2

powerful.ddnsfree.com:7802

powerfull6.duckdns.org:7817

Attributes
  • license_id

    PZ7N-MEGA-746I-6O5N-OHCF

  • plugins_url

    http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5

  • scheduled_task

    true

  • secondary_startup

    true

  • startup

    true

Targets

    • Target

      TransferenciabbvafatturaenviadosExwork0093004.jar

    • Size

      219KB

    Score
    7/10
