Behavioral task
behavioral1
Sample
63c6996a03acda7db008bf6d1522b06efdff5fcdf7103b31767ebd47cee72a59.jar
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
63c6996a03acda7db008bf6d1522b06efdff5fcdf7103b31767ebd47cee72a59.jar
Resource
win10v2004-20240226-en
General
-
Target
2d5d4212065ca4cd30b1db90d381a709.bin
-
Size
202KB
-
MD5
c1b5a3ba465c1ed30ab6d04d0d189f22
-
SHA1
9a0607a8863a1d6c43d163fd1fecafb5a4269b92
-
SHA256
ede6d3a6701e52285599fbb007f446572fbf8c7e1da1deb21c1f0526fd661e3f
-
SHA512
5f7b7200049cf3116a7f6a7e117e8fa8529d9b6b23f9d40e91824247411c22809a5276f9c49bf86aa7b9acf64324533029cc207ac3425d064064b5afc5d979b7
-
SSDEEP
3072:1E/FJrAXAinPzzLGviaDDTu9oEno79vMQ1toJZorbzYl7WxZ4RolWx2S3Iq9qQiR:adVhiLGvdTu9To7SQ4JZRl0lbtq9q95p
Malware Config
Extracted
strrat
tzitziklishop3.ddns.net:7800
103.114.104.158:7800
-
license_id
DB1U-CVGT-7HUG-X0A0-GNWH
-
plugins_url
http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5
-
scheduled_task
true
-
secondary_startup
true
-
startup
true
Signatures
-
STRRAT family
Files
-
2d5d4212065ca4cd30b1db90d381a709.bin.zip
Archive password: infected
-
63c6996a03acda7db008bf6d1522b06efdff5fcdf7103b31767ebd47cee72a59.jar.jar