General
-
Target
receiptLetter.jar
-
Size
218KB
-
Sample
240124-lwmchsfdg3
-
MD5
5d81412b04fd717dee4692cd86123afd
-
SHA1
7061472c8d30baf69539188c848ba3d832f52ff5
-
SHA256
0ad50a0c8760fa7bf494835a3b7a853178942082219d3689d10b63ab499f0013
-
SHA512
7cb7c711db1d40c84540f568218582eb5e9925f67f6a661fcb29b766f23379371d98ce7cc1b2d2e4a2df977bdf09dd531b0fba1f47a2c2ee979999a830933a8b
-
SSDEEP
6144:K2dDJ1QpmuH/lNS0GD1+6QVOqzSuSlhcrlV2LepIU9:LBJWmuH/lN1GEP/SuSkd9
Behavioral task
behavioral1
Sample
receiptLetter.jar
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
receiptLetter.jar
Resource
win10v2004-20231215-en
Malware Config
Extracted
strrat
binacafe.duckdns.org:6586
127.0.0.1:6586
-
license_id
ON0K-D4YD-8WHU-SHV5-GE8B
-
plugins_url
http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5
-
scheduled_task
true
-
secondary_startup
true
-
startup
true
Targets
-
-
Target
receiptLetter.jar
-
Score
7/10
-
Modifies file permissions
-