Behavioral task
behavioral1
Sample
21d2af8f6192380ebf0c91923df9a12a0d6b3c26f8478da73c8d8bf0d3963756.jar
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
21d2af8f6192380ebf0c91923df9a12a0d6b3c26f8478da73c8d8bf0d3963756.jar
Resource
win10v2004-20240226-en
General
-
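Target (the submitted file; the size and the MD5, SHA1, SHA256, SHA512 and SSDEEP values below are listed for this file, not for the .jar named in the behavioral tasks)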
f9c912be352f38dce2c0e9743e9a46ba.bin
-
Size
202KB
-
MD5
a723f6aa385473bf4fe35884b25d7def
-
SHA1
9772d6e9190e6dae023dcd3212ecc0c295130019
-
SHA256
83f4d1fd06965361ddd76fb9d1c132a0f1b8dcbfbc41309f73ac152b8c922f43
-
SHA512
79e335a46a1adb985bf012a5c3c14b8481dd1a5060d16466aecbcf4cd2090b355455516d2988e626c1e334ce4b8b0d23a21adf4719387d8afa23edef0f2b1aea
-
SSDEEP
6144:9QOt8JzYvCzn4A9nxhSY5xIbk0XE3P0C5Z:x8p4ixz2fOP0yZ
Malware Config
Extracted
Family: strrat
C2 (host:port, as extracted from the sample's configuration):
tzitziklishop3.ddns.net:7800
103.114.104.158:7800
-
license_id
DB1U-CVGT-7HUG-X0A0-GNWH
-
plugins_url
http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5
-
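scheduled_task (this and the secondary_startup and startup settings below appear, from their names, to be persistence options; all three are enabled in this configuration, so scheduled tasks and startup entries are the places to check on a suspected host)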
true
-
secondary_startup
true
-
startup
true
Signatures
-
Strrat family
Files
-
f9c912be352f38dce2c0e9743e9a46ba.bin.zip
Password (for the .zip archive above): infected
-
21d2af8f6192380ebf0c91923df9a12a0d6b3c26f8478da73c8d8bf0d3963756.jar.jar