Overview

overview

10

Static

static

10

486b68ef93...05.jar

windows7-x64

1

486b68ef93...05.jar

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7ea89d19a8441cc58b7255dc9fb205fa.bin

  • Size

    158KB

  • MD5

    b030f7513e21b1c207dbeeb3c669911e

  • SHA1

    180ea1a28c225a4387caf5ca0e113cda3a8c3328

  • SHA256

    8a88130d07daec3eb9f08d6f1bf00479e18b3f84783c64f76e84a9f5c7a823c8

  • SHA512

    e135ae1581178d7b9519e0bb418af82b79154c68e308400c329c181ac0a1b1766960836ea1b286844a6fc383d37591c5fd3ae14c5a9abae3e93d55a9daad4ab4

  • SSDEEP

    3072:yLwTpev4RlxtUQfXumRvtZ7jHZLCavqeLx8mf41r/ybi6DKENjD7Z55r2:y0TpevVQfXNvz77Z2avqet87yDNjDb5K

Score
10/10
strrat

Malware Config

Extracted

Family

strrat

C2

79.110.62.41:7205

127.0.0.1:7205
Attributes
  • license_id

    0EHD-YGMT-QM81-RD7S-07I6

  • plugins_url

    http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5

  • scheduled_task

    true

  • secondary_startup

    true

  • startup

    true

Signatures

Files

  • 7ea89d19a8441cc58b7255dc9fb205fa.bin
    .zip

    Password: infected

  • 486b68ef93d03c4e486b8ddd9e153391e7debc6839e0c09d38999dd159e30705.zip
    .jar