General
-
Target
a469607d0cf5285e85bd4faff17cb1f393ea6d8f6002a99536c189b669681763.jar
-
Size
265KB
-
Sample
241204-djf1zatpdl
-
MD5
e8ddb75a282aee7eb4eecf0c74e36d85
-
SHA1
e0d5be98174944955b5021319fc4d75272384e18
-
SHA256
a469607d0cf5285e85bd4faff17cb1f393ea6d8f6002a99536c189b669681763
-
SHA512
0e8846ed48d38ca442780fadf68766af3f32ab2304028371e8cc66af808dd2cb3f49921a4d9e69d01f89574307f18c0185c111f3f24e9411a76bec82c9c6a6af
-
SSDEEP
3072:a4yl5XE8QSJVqqOsBUJKI0sJ+JeRMfGPx0XFYf0ADJApUTWj3HKzRfJce+XvTD/:aVDZmqOaI0sJqGMfnFYf0ADJA+TWOzO3
Behavioral task
behavioral1
Sample
a469607d0cf5285e85bd4faff17cb1f393ea6d8f6002a99536c189b669681763.jar
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
a469607d0cf5285e85bd4faff17cb1f393ea6d8f6002a99536c189b669681763.jar
Resource
win10v2004-20241007-en
Malware Config
Extracted
strrat
badmiles.ddns.net:5055
-
license_id
4OI0-V4TA-Z8G4-WQF1-B9VH
-
plugins_url
http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5
-
scheduled_task
true
-
secondary_startup
true
-
startup
true
Targets
-
Target
a469607d0cf5285e85bd4faff17cb1f393ea6d8f6002a99536c189b669681763.jar
-
Score
10/10
-
Strrat family
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Scheduled Task/Job: 1
Scheduled Task: 1