General

  • Target

    b6211e0aea888d1d1502812dc2a6e26c.bin

  • Size

    202KB

  • Sample

    240304-d8gzkagh4x

  • MD5

    7ce1c24bf5c13b953619a9f2f96f3065

  • SHA1

    f3fc2fcd7470d912c808c1812c3cef43f909d391

  • SHA256

    18c9eb77a8395a0f4c8c5d1ffefd3155e142fabb4b7516678e56f56704bd257e

  • SHA512

    8fcf43e8a8a9eb09a0c9533b5c7dd8cf0d329f2b9a64427a333b219be90a979a7b9cbc3089734b2f034249eec007cc042b7d2e62e3b10c66798c5d34b146807e

  • SSDEEP

    3072:6V6pHmVs3KdpC1BWd3whnXZNhlA8sYUtT8IEeOxdtiVzfr7VvytZO+skWCjmKxb9:L2tC1AdghnXLhroE3toD7VTkW+mKj

Score
10/10

Malware Config

Extracted

Family

strrat

C2

tzitziklishop3.ddns.net:7800

103.114.104.158:7800

Attributes
  • license_id

    DB1U-CVGT-7HUG-X0A0-GNWH

  • plugins_url

    http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5

  • scheduled_task

    true

  • secondary_startup

    true

  • startup

    true

Targets

    • Target

      79098273db492173009ed9fdd408224f010bb6222a09f4f93fcc6de5bf324acc.jar

    • Size

      209KB

    • MD5

      b6211e0aea888d1d1502812dc2a6e26c

    • SHA1

      8f0e44f2128b2451dd681f7c807ecdba1283f0c4

    • SHA256

      79098273db492173009ed9fdd408224f010bb6222a09f4f93fcc6de5bf324acc

    • SHA512

      0021749654fe4d56163fda85a975e7335820becaa8889dec59a7b35d3faa97dc67f0516b77257a7881c45b5c4cc66829ba8b4d830cf3c0160af79ddda460770b

    • SSDEEP

      6144:J2j85JHHl/6C1kOQzyaRfiVO6w0UuwPdVmyKw:J2Y59VHXQVqO6w02PKw

    Score
    7/10

MITRE ATT&CK Enterprise v15

Tasks