General
-
Target
63262891ac6fefea1093be2f08c838661d2d5894f3b6c293ace8ca8767b7648d.jar
-
Size
172KB
-
Sample
240403-bsbrhabf7w
-
MD5
6be27e5e3901ee3d96af16033fc38225
-
SHA1
d91f834305d126f0ac2ec29f97fb7c72392135d9
-
SHA256
63262891ac6fefea1093be2f08c838661d2d5894f3b6c293ace8ca8767b7648d
-
SHA512
a35dacaea62be75c2e83591b9115ecef9f4ef1117c942679f640d64f9bdc3388ac240272901d6b4abb94a666da79f0ddc99a2557cbd194f71d7fd7a663668118
-
SSDEEP
3072:3iVaVsGjCCBAexRY7hPGj0MdPnjwE1CXW64Ke6yLohgoHFpjpIU630WGLGB6nOc6:SVaVsecORYwd/jwE2/LyEguHv+0CB6BQ
Behavioral task
behavioral1
Sample
63262891ac6fefea1093be2f08c838661d2d5894f3b6c293ace8ca8767b7648d.jar
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
63262891ac6fefea1093be2f08c838661d2d5894f3b6c293ace8ca8767b7648d.jar
Resource
win10v2004-20240226-en
Malware Config
Extracted
strrat
elastsolek22.duckdns.org:4718
zekeriyasolek45.duckdns.org:4718
-
license_id
WFC9-W4KB-388F-9KY1-S6JV
-
plugins_url
http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5
-
scheduled_task
true
-
secondary_startup
true
-
startup
true
Targets
-
-
Target
63262891ac6fefea1093be2f08c838661d2d5894f3b6c293ace8ca8767b7648d.jar
-
Size
172KB
-
MD5
6be27e5e3901ee3d96af16033fc38225
-
SHA1
d91f834305d126f0ac2ec29f97fb7c72392135d9
-
SHA256
63262891ac6fefea1093be2f08c838661d2d5894f3b6c293ace8ca8767b7648d
-
SHA512
a35dacaea62be75c2e83591b9115ecef9f4ef1117c942679f640d64f9bdc3388ac240272901d6b4abb94a666da79f0ddc99a2557cbd194f71d7fd7a663668118
-
SSDEEP
3072:3iVaVsGjCCBAexRY7hPGj0MdPnjwE1CXW64Ke6yLohgoHFpjpIU630WGLGB6nOc6:SVaVsecORYwd/jwE2/LyEguHv+0CB6BQ
Score
7/10
-
Modifies file permissions
-