General

  • Target

    fa454076cf36fe6868d54215ebb345cd9d6c8423fa9bd9f0bd56df9074915215.zip

  • Size

    88KB

  • MD5

    c00501fc6a943e9212f1d0fd93235daa

  • SHA1

    8ce6b95d7fac24cbb66ab2432dd9d90668c485a9

  • SHA256

    fa454076cf36fe6868d54215ebb345cd9d6c8423fa9bd9f0bd56df9074915215

  • SHA512

    d98364f960cf22f2766404c6311487eb73ecc59ab610dde8549462c93a00b69245b035ec5061ff180eb001ed582c2fae385444a0a787eee3471d9c07beaa3a28

  • SSDEEP

    1536:gQBto+OSHJ9jIAhS77WX/boWVFXUIuAUt8mMUsluRtuO8jNKg3v:gkv3VPXJuAUK8BuO8jN9

Score
10/10

Malware Config

Extracted

Family

strrat

C2

194.5.98.243:7123

194.5.98.243:7234

Attributes
  • license_id

    FREF-6ILG-J2DN-PT5K-AYC2

  • plugins_url

    http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5

  • scheduled_task

    true

  • secondary_startup

    true

  • startup

    true

Signatures

Files

  • fa454076cf36fe6868d54215ebb345cd9d6c8423fa9bd9f0bd56df9074915215.zip
    .jar