General

  • Target

    5f73f282fd6efe7a9c426b3782a99483.bin

  • Size

    126KB

  • Sample

    231210-c6vl7sbfcp

  • MD5

    5f73f282fd6efe7a9c426b3782a99483

  • SHA1

    d9d2945053aab6d20b4154c763780300f867ade9

  • SHA256

    b8d23d8f9495c315a1a7c8daf8284f8407f0987d1b4f1d2c2880fa1fc62572a2

  • SHA512

    ce11ba9e1b7e1c084fe6328b0c4dcb753b878befd1453cebf47447475787dd5945d6b3a81e46ecbe29630e3cefb8f5c2ddc0e3b73da3781508da7b3250fbc3a9

  • SSDEEP

    1536:lNI8XP1F0tURwTD9OaEPXs0JJSSk48P+KMm2gpEg0HaoUX1XgP4pRS8fP4HRsMu+:lNRyOPbJ6rJCg0Nd4phfP42MlF/E4

Score
10/10

Malware Config

Extracted

Family

strrat

C2

lestencrypt.dnset.com:7888

lestencrypt.dnset.com:1780

Attributes
  • license_id

    M5NG-QCTM-00LM-3XXT-3I3E

  • plugins_url

    http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5

  • scheduled_task

    true

  • secondary_startup

    true

  • startup

    true
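The extracted configuration above is enough to write network detections for this sample: two C2 endpoints on the same host (ports 7888 and 1780) and a plugin-download URL on a second host with a fixed path and query string. The Python script below is an added example written by the editor; it is not code from the sandbox report and not the malware's own code. It normalises the extracted values into indicators and runs them over a few constructed DNS and proxy log lines (the log line formats are assumed, not taken from the report).

```python
"""Turn the extracted STRRAT config into network indicators and match
them against log lines.

Editor-added example. The config values are copied from the report's
"Malware Config" section; the log lines and their formats are constructed
for illustration.
"""
import re
from urllib.parse import parse_qs, urlparse

# Values copied from the report's extracted config.
EXTRACTED_CONFIG = {
    "family": "strrat",
    "c2": ["lestencrypt.dnset.com:7888", "lestencrypt.dnset.com:1780"],
    "license_id": "M5NG-QCTM-00LM-3XXT-3I3E",
    "plugins_url": "http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5",
}


def build_indicators(cfg):
    """Normalise the config into (host, port) pairs, a plugins-URL shape,
    and the set of hostnames worth matching on their own."""
    c2 = []
    for entry in cfg["c2"]:
        host, _, port = entry.rpartition(":")
        c2.append((host.lower(), int(port)))
    u = urlparse(cfg["plugins_url"])
    plugins = {
        "host": u.hostname.lower(),
        "path": u.path,
        # hwid / lid / ht as they appear in the report's URL
        "params": {k: v[0] for k, v in parse_qs(u.query).items()},
    }
    hosts = {h for h, _ in c2} | {plugins["host"]}
    return {"c2": c2, "plugins": plugins, "hosts": hosts}


# Constructed sample log lines (assumed formats, not from the report):
#   DNS:   "<ts> dns client=<ip> q=<name> type=A"
#   Proxy: "<ts> proxy client=<ip> dst=<host>:<port> [url=<url>]"
SAMPLE_LOGS = [
    "2023-12-10T03:01:00Z dns client=10.0.0.15 q=lestencrypt.dnset.com. type=A",
    "2023-12-10T03:01:01Z proxy client=10.0.0.15 dst=lestencrypt.dnset.com:7888",
    "2023-12-10T03:01:05Z proxy client=10.0.0.15 dst=jbfrost.live:80 "
    "url=http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5",
    "2023-12-10T03:02:00Z dns client=10.0.0.22 q=example.com. type=A",
    "2023-12-10T03:02:10Z proxy client=10.0.0.22 dst=lestencrypt.dnset.com:443",
]

DNS_RE = re.compile(r"dns client=(?P<client>\S+) q=(?P<name>\S+)")
PROXY_RE = re.compile(
    r"proxy client=(?P<client>\S+) dst=(?P<host>[^:\s]+):(?P<port>\d+)"
    r"(?: url=(?P<url>\S+))?"
)


def match_line(line, ind):
    """Return (reason, client_ip) when the line hits an indicator, else None.

    Exact host:port pairs from the config are reported as C2; the plugin
    URL is matched on host plus path prefix so a changed query string
    still hits; any other traffic to a config hostname is reported as a
    weaker host-only match."""
    m = DNS_RE.search(line)
    if m:
        name = m.group("name").rstrip(".").lower()
        if name in ind["hosts"]:
            return ("dns:" + name, m.group("client"))
        return None
    m = PROXY_RE.search(line)
    if m:
        host = m.group("host").lower()
        port = int(m.group("port"))
        if (host, port) in ind["c2"]:
            return ("c2:%s:%d" % (host, port), m.group("client"))
        url = m.group("url")
        if url:
            u = urlparse(url)
            if (u.hostname and u.hostname.lower() == ind["plugins"]["host"]
                    and u.path.startswith(ind["plugins"]["path"])):
                return ("plugins_url:" + u.hostname.lower(), m.group("client"))
        if host in ind["hosts"]:
            return ("host:" + host, m.group("client"))
    return None


def scan(lines, ind):
    """Run every line through match_line and keep the hits."""
    hits = []
    for ln in lines:
        hit = match_line(ln, ind)
        if hit:
            hits.append((ln, hit))
    return hits


if __name__ == "__main__":
    indicators = build_indicators(EXTRACTED_CONFIG)
    for line, (reason, client) in scan(SAMPLE_LOGS, indicators):
        print(reason, client, line)
```

Match on the hostnames rather than on whatever they resolve to at analysis time, since the addresses behind a name can change between the sandbox run and the hunt. The three persistence flags (scheduled_task, startup, secondary_startup) are host-side indicators the script does not cover; they tell the responder to check scheduled tasks and autostart locations on any client that triggers a network hit.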

Targets

    • Target

      5f73f282fd6efe7a9c426b3782a99483.bin

    • Size

      126KB

    • MD5

      5f73f282fd6efe7a9c426b3782a99483

    • SHA1

      d9d2945053aab6d20b4154c763780300f867ade9

    • SHA256

      b8d23d8f9495c315a1a7c8daf8284f8407f0987d1b4f1d2c2880fa1fc62572a2

    • SHA512

      ce11ba9e1b7e1c084fe6328b0c4dcb753b878befd1453cebf47447475787dd5945d6b3a81e46ecbe29630e3cefb8f5c2ddc0e3b73da3781508da7b3250fbc3a9

    • SSDEEP

      1536:lNI8XP1F0tURwTD9OaEPXs0JJSSk48P+KMm2gpEg0HaoUX1XgP4pRS8fP4HRsMu+:lNRyOPbJ6rJCg0Nd4phfP42MlF/E4

    Score
    7/10
