General

  • Target

    a1006d20dd1b09e2158a8892c73eb515_JaffaCakes118

  • Size

    184KB

  • Sample

    240403-fss31ahc86

  • MD5

    a1006d20dd1b09e2158a8892c73eb515

  • SHA1

    5d8f2eba5f157be1efa64e374714be332a607dc2

  • SHA256

    3100ec86173299175a5236c366dbd28cfe47b3bb6464245b8af7ae941267ebbc

  • SHA512

    04c827ed8e729e8fc72ed84a54cb13c57b7db4e67e140b3fec94cb529ef701500d64c4d370061ac66b1ddbf914995f9401c7594fc0afed0bdb854c331bfd3104

  • SSDEEP

    3072:Ts6RcvzZ0MqCuAhXO9ElwbsTCItfWELwDa5OmAJZm3LvwMiulaft7DNTSxTHfseW:Ts6wcCuqmbf4WELwbSLoy418sxerTQ

Score
10/10

Malware Config

Extracted

Family

strrat

C2

31.210.20.164:4292

127.0.0.1:4292

Attributes
  • license_id

    61DP-MVTK-7F5S-QIGT-AV1H

  • plugins_url

    http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5

  • scheduled_task

    true

  • secondary_startup

    true

  • startup

    true

Targets

    • Target

      a1006d20dd1b09e2158a8892c73eb515_JaffaCakes118

    Score
    7/10
