strrat | 15885789303[.]zip | Triage

Submit
Reports

Overview

overview

Static

static

a96bfbf20a...1e.jar

windows7-x64

a96bfbf20a...1e.jar

windows10-2004-x64

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

a96bfbf20a599ee5f39d549564bb417ab4033193fcc3576b6c7151d29a90611e.jar

Resource

win7-20240221-en

strrat persistence stealer trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

a96bfbf20a599ee5f39d549564bb417ab4033193fcc3576b6c7151d29a90611e.jar

Resource

win10v2004-20240226-en

strrat discovery persistence stealer trojan

windows10-2004-x64

8 signatures

150 seconds

General

Target

15885789303.zip
Size

62KB
MD5

e774d412fdea4468a72eae10584ec35a
SHA1

d54a0ae4883d6bcc70bb75acca5cdd361efdb749
SHA256

49a493e2214429f51e58f0cb7679736d88e196707d03a6c624de96399974ae97
SHA512

48cc42f471f2809b842afae84be6e44272dc67a8a3aa8cb225ff58d175e998287e46afdebeccd21b7bae8ba46d577977cacd6d577aad166199f81df91f601a3a
SSDEEP

1536:RNc9EcAljLen8iW6KwsogDI/wBtVlp1cOSsARhc42vLX9:RaZiaxXKwek/6tVj1c6Z5B

Score

10^/10

strrat

Malware Config

Extracted

Family

strrat

C2

elastsolek21.duckdns.org:4781

zekeriyasolek45.duckdns.org:4781

Attributes

license_id
WFC9-W4KB-388F-9KY1-S6JV
plugins_url
http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5
scheduled_task
true
secondary_startup
true
startup
true

Signatures

Strrat family
strrat

Files

15885789303.zip
.zip

Password: infected
a96bfbf20a599ee5f39d549564bb417ab4033193fcc3576b6c7151d29a90611e
.jar

© 2018-2024

Terms | Privacy