General

  • Target

    090980876.jar

  • Size

    109KB

  • Sample

    231122-qzvwaadd7w

  • MD5

    9d7d1532643224fbfd2ba251dfd77573

  • SHA1

    448acba800954e5f2dbbd4b3fcaa451f85d98373

  • SHA256

    526189c3530654a4829862c98edfc9b217f977759db01b18de84aa277fa51765

  • SHA512

    e87e0448aab4899f8dd2ba0c87272dd40d120df8319c8e1cdb3c4307e3bf4810c98824439bd2a700a78e1d7d9899bdba248d3c2c7edbb3ff39b0b97d8309af35

  • SSDEEP

    3072:VcO+H6vLeNzNShy8BZ06OZ6Sdbx9bLTuclPLZS2tOKnhO:n+avLeJYhy8k6y6Ebx9ruclP0dKns

Score
10/10

Malware Config

Extracted

Family

strrat

C2

lestencrypt.dnset.com:7888

lestencrypt.dnset.com:1780

Attributes

  • license_id

    M5NG-QCTM-00LM-3XXT-3I3E

  • plugins_url

    http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5

  • scheduled_task

    true

  • secondary_startup

    true

  • startup

    true

Targets

    • Target

      090980876.jar

    • Size

      109KB

    • MD5

      9d7d1532643224fbfd2ba251dfd77573

    • SHA1

      448acba800954e5f2dbbd4b3fcaa451f85d98373

    • SHA256

      526189c3530654a4829862c98edfc9b217f977759db01b18de84aa277fa51765

    • SHA512

      e87e0448aab4899f8dd2ba0c87272dd40d120df8319c8e1cdb3c4307e3bf4810c98824439bd2a700a78e1d7d9899bdba248d3c2c7edbb3ff39b0b97d8309af35

    • SSDEEP

      3072:VcO+H6vLeNzNShy8BZ06OZ6Sdbx9bLTuclPLZS2tOKnhO:n+avLeJYhy8k6y6Ebx9ruclP0dKns

    Score
    7/10

MITRE ATT&CK Enterprise v15

Tasks