General
-
Target
67e00d139b6348ec53d26f3cdcc3e958fe76a35ea933199a615e210667a5ade7.jar
-
Size
209KB
-
Sample
240303-fxcxksdd91
-
MD5
3333050c3c251d6d86514742a16005e4
-
SHA1
672122d7cb8b07c939f4bf1415e9c253bd3e41e4
-
SHA256
67e00d139b6348ec53d26f3cdcc3e958fe76a35ea933199a615e210667a5ade7
-
SHA512
208d54ece920d384dd8a025c3c70114ec040713c3aa6991f574fa343853d2f098bc8bebc213f35f605c6c3c52d72be1f51d5a48f77ff76a959cffac5d1d78559
-
SSDEEP
6144:fm98tJ9Hd/A8FSywzy4RrCVws46CumPHVmyKk:fmatjt7Rw/ews46qNKk
Behavioral task
behavioral1
Sample
67e00d139b6348ec53d26f3cdcc3e958fe76a35ea933199a615e210667a5ade7.jar
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
67e00d139b6348ec53d26f3cdcc3e958fe76a35ea933199a615e210667a5ade7.jar
Resource
win10v2004-20240226-en
Malware Config
Extracted
Family
strrat
-
C2
tzitziklishop3.ddns.net:7800
103.114.104.158:7800
-
license_id
DB1U-CVGT-7HUG-X0A0-GNWH
-
plugins_url
http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5
-
scheduled_task
true
-
secondary_startup
true
-
startup
true
Targets
-
-
Target
67e00d139b6348ec53d26f3cdcc3e958fe76a35ea933199a615e210667a5ade7.jar
-
Size
209KB
-
MD5
3333050c3c251d6d86514742a16005e4
-
SHA1
672122d7cb8b07c939f4bf1415e9c253bd3e41e4
-
SHA256
67e00d139b6348ec53d26f3cdcc3e958fe76a35ea933199a615e210667a5ade7
-
SHA512
208d54ece920d384dd8a025c3c70114ec040713c3aa6991f574fa343853d2f098bc8bebc213f35f605c6c3c52d72be1f51d5a48f77ff76a959cffac5d1d78559
-
SSDEEP
6144:fm98tJ9Hd/A8FSywzy4RrCVws46CumPHVmyKk:fmatjt7Rw/ews46qNKk
Score
10/10
-
Drops startup file
-
Loads dropped DLL
-
Modifies file permissions
-
Adds Run key to start application
-