General
-
Target
d5ef3d0d2411cc91483eab430122e8007e04b4b995f1d4940c2bd3024ce65244.zip
-
Size
184KB
-
MD5
17950a3e599adcb266ad4c85df300fbe
-
SHA1
3198db6ee002d55a338b7d76aefa3eeea00384bf
-
SHA256
d5ef3d0d2411cc91483eab430122e8007e04b4b995f1d4940c2bd3024ce65244
-
SHA512
8e5f29fbfca9f8063d51ce8aac2f5c4f0417401c62911c68cce0b472693ff92bcc760c8cb70790ad84f1c11047a3c122eb13af939fd657f78b80943c4a26d048
-
SSDEEP
3072:eyzB3n0Ts+QithhXk9hhVaLntgBuy+RVgAhBvVGHWP8q6rcGKJxAl3Nd92w:eyzB3GQSXkDIgBrOR7w2kh5Sxqd9j
Score
10/10
Malware Config
Extracted
Family
strrat
C2
macostopacros.3utilities.com:3095
prtoacasedted.3utilities.com:4056
Attributes
-
license_id
17SH-99EQ-GWIE-XC0R-AXNZ
-
plugins_url
http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5
-
scheduled_task
false
-
secondary_startup
true
-
startup
true
Signatures
-
Strrat family
Files
-
d5ef3d0d2411cc91483eab430122e8007e04b4b995f1d4940c2bd3024ce65244.zip
-
Internet_bnk_details_neft-issues_jpg.jar