Overview

overview

10

Static

static

10

Listing_er...02.jar

windows7-x64

7

Listing_er...02.jar

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Listing_error_15_code_file-002.jar

  • Size

    190KB

  • Sample

    241121-l43pga1ama

  • MD5

    1a7a05db5686a51ce39c3b35c111d73f

  • SHA1

    c6ba4712046569c3d6601e5d2f85aeecfabef69b

  • SHA256

    bbd5de9d533b350b86e4d9aa54b6545c6e890c4f263ad27433b2c995faf89493

  • SHA512

    f15d3e2f5cd3a10111c87c2f6c1d8d7bf51fab14f9e6c33ffde067a5c7df2d7f81055d0ba331a840a33ba596cb45e782299f626367a928447a08480d41a3a1c9

  • SSDEEP

    3072:OrYdkjhtVe7DDgZwqku/GLwlsA54LO/Q+7Jkb5o7/pJhHufYiYlDwVK/ASrx:etVqs+qku/aK4SzWU/ThHuQikDCHSd

Score
10/10
strratpersistence

Malware Config

Extracted

Family

strrat

C2

macostopacros.3utilities.com:3095

prtoacasedted.3utilities.com:4056
Attributes
  • license_id

    17SH-99EQ-GWIE-XC0R-AXNZ

  • plugins_url

    http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5

  • scheduled_task

    false

  • secondary_startup

    true

  • startup

    true

Targets

    • Target

      Listing_error_15_code_file-002.jar

    • Size

      190KB

    • MD5

      1a7a05db5686a51ce39c3b35c111d73f

    • SHA1

      c6ba4712046569c3d6601e5d2f85aeecfabef69b

    • SHA256

      bbd5de9d533b350b86e4d9aa54b6545c6e890c4f263ad27433b2c995faf89493

    • SHA512

      f15d3e2f5cd3a10111c87c2f6c1d8d7bf51fab14f9e6c33ffde067a5c7df2d7f81055d0ba331a840a33ba596cb45e782299f626367a928447a08480d41a3a1c9

    • SSDEEP

      3072:OrYdkjhtVe7DDgZwqku/GLwlsA54LO/Q+7Jkb5o7/pJhHufYiYlDwVK/ASrx:etVqs+qku/aK4SzWU/ThHuQikDCHSd

    Score
    7/10
    persistence

    • Drops startup file

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks