General

  • Target

    0098203000.jar

  • Size

    126KB

  • Sample

    240205-r2e4aacber

  • MD5

    b11d5575a0e2ce232e779eb0d287c190

  • SHA1

    834c8af930b52f32afc9ba87c53236b19f7675da

  • SHA256

    28c5f3f967c94fa02ddbcabae45ee8d4908744503176d540463e84d8dfc76385

  • SHA512

    2f8a55f3bc9ce16bc8639d8efc614b596d8a250006b14f86aabb24a27a52fcebfccb597c701d8a6e2d2633b7204bfc1e3bc2e4c9e2ac37aab045d85346af306c

  • SSDEEP

    3072:NZwhKvKvdjDNlUCLAJylvpyEFPlKEf5SmDv:sFfNlHL2KvpHFPlKC7

Score
10/10

Malware Config

Extracted

Family

strrat

C2

chevronciti.dns05.com:7888

chevronciti.dns05.com:7881

Attributes
  • license_id

    khonsari

  • plugins_url

    http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5

  • scheduled_task

    true

  • secondary_startup

    true

  • startup

    true

Targets

    • Target

      0098203000.jar

    • Size

      126KB

    Score
    7/10
