General
-
Target
a1006d20dd1b09e2158a8892c73eb515_JaffaCakes118
-
Size
184KB
-
Sample
240403-fss31ahc86
-
MD5
a1006d20dd1b09e2158a8892c73eb515
-
SHA1
5d8f2eba5f157be1efa64e374714be332a607dc2
-
SHA256
3100ec86173299175a5236c366dbd28cfe47b3bb6464245b8af7ae941267ebbc
-
SHA512
04c827ed8e729e8fc72ed84a54cb13c57b7db4e67e140b3fec94cb529ef701500d64c4d370061ac66b1ddbf914995f9401c7594fc0afed0bdb854c331bfd3104
-
SSDEEP
3072:Ts6RcvzZ0MqCuAhXO9ElwbsTCItfWELwDa5OmAJZm3LvwMiulaft7DNTSxTHfseW:Ts6wcCuqmbf4WELwbSLoy418sxerTQ
Behavioral task
behavioral1
Sample
a1006d20dd1b09e2158a8892c73eb515_JaffaCakes118.jar
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
a1006d20dd1b09e2158a8892c73eb515_JaffaCakes118.jar
Resource
win10v2004-20231215-en
Malware Config
Extracted
strrat
31.210.20.164:4292
127.0.0.1:4292
-
license_id
61DP-MVTK-7F5S-QIGT-AV1H
-
plugins_url
http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5
-
scheduled_task
true
-
secondary_startup
true
-
startup
true
Targets
-
-
Target
a1006d20dd1b09e2158a8892c73eb515_JaffaCakes118
-
Score
7/10
-
Modifies file permissions
-