General
-
Target
87c8f9664c3b71f0b26556c27ca32e80.bin
-
Size
213KB
-
Sample
231101-camlqagg9w
-
MD5
d448ca98331250fc74571ee03cdfd32e
-
SHA1
f1a4d632fc7534cb2f032263d6900e6aaae8bb17
-
SHA256
b9de52fb718982e0fa909a62dc1d2eca78eb4845435d4817de1d7c655862a001
-
SHA512
15e4e48491923b9c86dbccf70254967c552e6b2780e761602f303a6c731ae869e197d8127132ea3753d4e28d6e47a87c7bb874b68c9f3ad5a98a5c6a56d2ca3e
-
SSDEEP
6144:3gAuaL1XMa4d++CqQ2FR7MC3Pep8iq9oGk:3TuED1hOxTPexGk
Behavioral task
behavioral1
Sample
e2580cc0724e38ed889f6ac5ad4723c0d64a232090642ced085ddff3b2463fa0.jar
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
e2580cc0724e38ed889f6ac5ad4723c0d64a232090642ced085ddff3b2463fa0.jar
Resource
win10v2004-20231023-en
Malware Config
Extracted
Family: strrat
C2: powerful.ddnsfree.com:7802
C2: powerfull6.duckdns.org:7817
-
license_id
PZ7N-MEGA-746I-6O5N-OHCF
-
plugins_url
http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5
-
scheduled_task
true
-
secondary_startup
true
-
startup
true
Targets
-
-
Target
e2580cc0724e38ed889f6ac5ad4723c0d64a232090642ced085ddff3b2463fa0.jar
-
Size
219KB
-
MD5
87c8f9664c3b71f0b26556c27ca32e80
-
SHA1
b1c6af2eb43dbbfc1b7b3ce8a96e6c084e206d02
-
SHA256
e2580cc0724e38ed889f6ac5ad4723c0d64a232090642ced085ddff3b2463fa0
-
SHA512
d1950f0255255eb5c5dadbeaafab1d70ca843b22fa5c8eea3668f515fdd21336093ef613f72a1ba440d8b304ea8f0d4e0a806cdda44d90cf60ace42710a8d93c
-
SSDEEP
6144:DVa3mHk5xN2K2W3c/yQwP801EdXMQ0eJReSTzBsBfW:DVkhc/RwdC0wFtsBW
Score
7/10
-
Modifies file permissions
-