Behavioral task
behavioral1
Sample
67e00d139b6348ec53d26f3cdcc3e958fe76a35ea933199a615e210667a5ade7.jar
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
67e00d139b6348ec53d26f3cdcc3e958fe76a35ea933199a615e210667a5ade7.jar
Resource
win10v2004-20240226-en
General
-
Target
3333050c3c251d6d86514742a16005e4.bin
-
Size
202KB
-
MD5
1f684bd47ddeec038ad488755b12e058
-
SHA1
be330d9942b18166e3615aca5a103390fb35a766
-
SHA256
36bf584a3c3ece520fb889a475ca4e2976925e70f5d240b2020ea7f882839fb8
-
SHA512
f7949bf08ec97f119fcb9efa5e858c29081d80cc29d1602416b78007eff0e879ae7b817b3f8c85b96fc055766c6e72f6b945fc32a35dd4146aed98bb6a0ef2d0
-
SSDEEP
3072:TJB1VgW1KIJXr4ItnUqkBrrWOiH933EVd1K5IcWzjpbhErWbsXOnTiXGp0:TlyW1KANtU/S93Ads5gzjDkW4EiXGp0
Malware Config
Extracted
Family: strrat
C2: tzitziklishop3.ddns.net:7800
C2: 103.114.104.158:7800
-
license_id
DB1U-CVGT-7HUG-X0A0-GNWH
-
plugins_url
http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5
-
scheduled_task
true
-
secondary_startup
true
-
startup
true
Signatures
-
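STRRAT family (Java-based remote access trojan; consistent with the extracted strrat configuration and the .jar sample)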
Files
-
3333050c3c251d6d86514742a16005e4.bin.zip
Password: infected (for the .zip archive listed above)
-
67e00d139b6348ec53d26f3cdcc3e958fe76a35ea933199a615e210667a5ade7.jar.jar