General
-
Target
538aefe2d62a53a7b5991a4acda23b8f04aeba4fee1959018ddc375ed6858e5b.zip
-
Size
184KB
-
MD5
b9d15c8cac26c29a0bee770450233edc
-
SHA1
7f4e10b93d41205e48c0e636fa96656845347b04
-
SHA256
538aefe2d62a53a7b5991a4acda23b8f04aeba4fee1959018ddc375ed6858e5b
-
SHA512
304703a9316450923c2b4bc9edde0b82e72a44007ae3e2339d1ac13f487cb7d9252815e6fad97e2e77608e879faeec306fbfb922d1487812c0c5dccaa0338e8f
-
SSDEEP
3072:ayzB3n0Ts+QithhXk9hhVaLntgBuy+RVgAhBvVGHWP8q6rcGKJxAl3Nd92k:ayzB3GQSXkDIgBrOR7w2kh5Sxqd9X
Score
10/10
Malware Config
Extracted
Family
strrat
C2
macostopacros.3utilities.com:3095
prtoacasedted.3utilities.com:4056
Attributes
-
license_id
17SH-99EQ-GWIE-XC0R-AXNZ
-
plugins_url
http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5
-
scheduled_task
false
-
secondary_startup
true
-
startup
true
Signatures
-
Strrat family
Files
-
538aefe2d62a53a7b5991a4acda23b8f04aeba4fee1959018ddc375ed6858e5b.zip
-
MIS_FILE_9888123_RECEIVED_xsls.jar