strrat | 05022025_1312_091291932[.]zip | Triage

Submit
Reports

Overview

overview

Static

static

091291932.jar

windows7-x64

1

091291932.jar

windows10-2004-x64

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

091291932.jar

Resource

win7-20241010-en

windows7-x64

0 signatures

300 seconds

Behavioral task

behavioral2

Sample

091291932.jar

Resource

win10v2004-20250129-en

strrat persistence stealer trojan

windows10-2004-x64

8 signatures

300 seconds

General

Target

05022025_1312_091291932.zip
Size

122KB
MD5

d29700b5beae17356cf6c7f6d8ed39cf
SHA1

73ac6d4064082ae5d25b75c20ee555dbacc6a383
SHA256

a3bccc2abdcddb30063ea9b359a9fe22e9924de223a55b996705305555c9c243
SHA512

65e77c831c88aa47d266308b595ae09b1b524693e9280f484b1ab2afeda12ee77c6f691346a7c1bb8ac8d9f302f3ccd52d1a411f87533a8e1745a88cda2d60e7
SSDEEP

3072:ynjtmKTdQLwBqejPD9Li2nkO5+bh4S6hT4tRNuTE9+jBUUv:yjw5eLDfkhh4VN4Yvjz

Score

10^/10

strrat

Malware Config

Extracted

Family

strrat

C2

chevronciti.dns05.com:7888

chevronciti.dns05.com:7881

Attributes

license_id
khonsari
plugins_url
http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5
scheduled_task
true
secondary_startup
true
startup
true

Signatures

Strrat family
strrat

Files

05022025_1312_091291932.zip
.zip

Password: infected
091291932.jar
.jar

© 2018-2025

Terms | Privacy