General

  • Target

    00293828403xlspdf.jar

  • Size

    125KB

  • Sample

    240210-kgb3kahh2t

  • MD5

    acdf87548c106b4271d86ad9e5afb859

  • SHA1

    0c4108f5b00a0d72d42050757b1fb8d144b44a96

  • SHA256

    0352732011c82ddbc89c86f732bd0c3acb9a9c6caf7bdbcb99bb08b68a9db1db

  • SHA512

    5b6268cf0d7cbac10d015f237b3c86b8dddc9ccb82d47e3aa975feeeed09e4a5315522ae177584a63a6f8562ca3bb5df5bb328f63d24f2e661584bf8d0939477

  • SSDEEP

    3072:ZvPwf6XB5qfvyaKJUbyp4VIVG72WpVErn+kysWOZE2Dt8:Fw8Sij6bWSIVS2WfEEstI

Score
10/10

Malware Config

Extracted

Family

strrat

C2

chevronciti.dns05.com:7888

chevronciti.dns05.com:7881

Attributes
  • license_id

    khonsari

  • plugins_url

    http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5

  • scheduled_task

    true

  • secondary_startup

    true

  • startup

    true

Targets

    • Target

      00293828403xlspdf.jar

    • Size

      125KB

    • MD5

      acdf87548c106b4271d86ad9e5afb859

    • SHA1

      0c4108f5b00a0d72d42050757b1fb8d144b44a96

    • SHA256

      0352732011c82ddbc89c86f732bd0c3acb9a9c6caf7bdbcb99bb08b68a9db1db

    • SHA512

      5b6268cf0d7cbac10d015f237b3c86b8dddc9ccb82d47e3aa975feeeed09e4a5315522ae177584a63a6f8562ca3bb5df5bb328f63d24f2e661584bf8d0939477

    • SSDEEP

      3072:ZvPwf6XB5qfvyaKJUbyp4VIVG72WpVErn+kysWOZE2Dt8:Fw8Sij6bWSIVS2WfEEstI

    Score
    7/10

MITRE ATT&CK Matrix ATT&CK v13

Tasks