Overview

overview

10

Static

static

10

b2097471ac...18.jar

windows7-x64

1

b2097471ac...18.jar

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b2097471ac7d4e8304a119e815ac5261_JaffaCakes118

  • Size

    102KB

  • Sample

    240404-h22gvahb3s

  • MD5

    b2097471ac7d4e8304a119e815ac5261

  • SHA1

    c23236d1b2bd3e6925a59d084d2bac275ea0b484

  • SHA256

    c4acaaf51b789c246dc51d925ee92f8e0af9019da7385b8b4b127fca43fbb81d

  • SHA512

    735d716638e5476cbbe038cb77aa98b77263004ecb27f7aa55c5c6b36030032aa20a59f22aeb262965e41b8e1bcf22d235f45f11863717c62423ee934de03bc9

  • SSDEEP

    1536:ddAewzYpcmCIE7/d8CC9odgo08E1fl3VLIjo1S8mfaEh7FT8VYclwDu2d:zAewzChPWC9oqoENIGS7LNFTPcu6u

Score
10/10
strratdiscovery

Malware Config

Extracted

Family

strrat

C2

173.209.48.226:5050

nightwolf.workisboring.com:4040
Attributes
  • license_id

    EX1S-4U37-B1T8-TB2H-0ITG

  • plugins_url

    http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5

  • scheduled_task

    true

  • secondary_startup

    true

  • startup

    true

Targets

    • Target

      b2097471ac7d4e8304a119e815ac5261_JaffaCakes118

    • Size

      102KB

    • MD5

      b2097471ac7d4e8304a119e815ac5261

    • SHA1

      c23236d1b2bd3e6925a59d084d2bac275ea0b484

    • SHA256

      c4acaaf51b789c246dc51d925ee92f8e0af9019da7385b8b4b127fca43fbb81d

    • SHA512

      735d716638e5476cbbe038cb77aa98b77263004ecb27f7aa55c5c6b36030032aa20a59f22aeb262965e41b8e1bcf22d235f45f11863717c62423ee934de03bc9

    • SSDEEP

      1536:ddAewzYpcmCIE7/d8CC9odgo08E1fl3VLIjo1S8mfaEh7FT8VYclwDu2d:zAewzChPWC9oqoENIGS7LNFTPcu6u

    Score
    7/10
    discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks