General

  • Target

    23dbd5703268a7db67368a072c9ad7f3

  • Size

    106KB

  • MD5

    23dbd5703268a7db67368a072c9ad7f3

  • SHA1

    e7ceb921ba16cac8dca122fb299c7bc9c9a8a318

  • SHA256

    6d588dde32764fd765cdc52f15eabb65262001a803befd327bfe62bb9010bc91

  • SHA512

    dd2cc644c6e0ff9715ea8355ca6e53dd0ecb7fabdc248c5abd798affec4b08d3c06d6cdd5ae5b79b749698995034c306f28dd482550a73ed68b5a474e8a72569

  • SSDEEP

    1536:Ifku/dVPqW+tDYpcSLOIRNTjm5SSikTXdEM0VvSX5sdDKVTiPuRWN6pqE:IzHfiMpcjajm5xikhEJcCY17MEpz

Score
10/10

Malware Config

Extracted

Family

strrat

C2

agadinwanyi.dubya.net:1788

agadinwanyi.dubya.net:1781

Attributes
  • license_id

    M5NG-QCTM-00LM-3XXT-3I3E

  • plugins_url

    http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5

  • scheduled_task

    true

  • secondary_startup

    true

  • startup

    true

Signatures

Files

  • 23dbd5703268a7db67368a072c9ad7f3
    .jar