General
-
Target
1238_20f218010b4a83ad4af68bfe387b4275a86eef84354e279bde5b11c07b7433a7.zip
-
Size
210KB
-
MD5
c64088565df023346be4a0a753e6991a
-
SHA1
78ad8cdf0637795aa3224b90c056f26182459aa6
-
SHA256
59c9f5bbdf0913d7f877e6859adfb266bee0a64395308b588a94c2eb8c27a334
-
SHA512
46a71ada1c2aed1fe79322f8ee5b4887182789e43615349f5f3d4e471fec20c8783d3b3ae41d44e5f0330e9244a26475cac9cabd13ad990a713d58de481613d8
-
SSDEEP
6144:cOfvkEN2Ewkn4e0IYJkzEDmocNaE6X9ChQoSy:cYN2EFT0IYJIocoEGYhQoSy
Score
10/10
Malware Config
Extracted
Family
strrat
C2
194.15.112.53:6247
payment.gleeze.com:6247
Attributes
-
license_id
XRX6-YEF1-8ZTR-PBLU-HS8O
-
plugins_url
http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5
-
scheduled_task
true
-
secondary_startup
true
-
startup
true
Signatures
-
Strrat family
Files
-
1238_20f218010b4a83ad4af68bfe387b4275a86eef84354e279bde5b11c07b7433a7.zip
Password: infected
-
20f218010b4a83ad4af68bfe387b4275a86eef84354e279bde5b11c07b7433a7