Overview

overview

10

Static

static

10

Order march.jar

windows7-x64

1

Order march.jar

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Order march.jar

  • Size

    186KB

  • Sample

    240321-fgs9maca99

  • MD5

    2f4085fc9e8ff8495114910c1d93342d

  • SHA1

    61c71ed13a00a3b271d6ea1400fc58e248654cab

  • SHA256

    b28e574048022dfe9483a9054f2bb96bc597d64c93a2a36ad27c03034ab5f185

  • SHA512

    a93cf098f9a40520229e28f34a6831afdb099a67321708d1425c232f6942b2ee1d326d683021bff6055e110d65c0e0727d4aa88b277cbf3bba1b0c2062507e73

  • SSDEEP

    3072:ULrNBttm1LfHpGQH0TchAOuP47zpiNukQ0HceZ2+jzQndHvSn2JVAJpE7M9nrI2M:Un72pachnd7zpiNlHceZrcdHhVA2IrIJ

Score
10/10
strratdiscovery

Malware Config

Extracted

Family

strrat

C2

23.94.159.198:8055

Attributes
  • license_id

    RKVU-XC8X-2570-JQTM-RUPI

  • plugins_url

    http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5

  • scheduled_task

    true

  • secondary_startup

    true

  • startup

    true

Targets

    • Target

      Order march.jar

    • Size

      186KB

    • MD5

      2f4085fc9e8ff8495114910c1d93342d

    • SHA1

      61c71ed13a00a3b271d6ea1400fc58e248654cab

    • SHA256

      b28e574048022dfe9483a9054f2bb96bc597d64c93a2a36ad27c03034ab5f185

    • SHA512

      a93cf098f9a40520229e28f34a6831afdb099a67321708d1425c232f6942b2ee1d326d683021bff6055e110d65c0e0727d4aa88b277cbf3bba1b0c2062507e73

    • SSDEEP

      3072:ULrNBttm1LfHpGQH0TchAOuP47zpiNukQ0HceZ2+jzQndHvSn2JVAJpE7M9nrI2M:Un72pachnd7zpiNlHceZrcdHhVA2IrIJ

    Score
    7/10
    discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks