strrat | 05022025_1312_091291932[.]zip | Triage

Submit
Reports

Overview

overview

Static

static

091291932.jar

windows7-x64

1

091291932.jar

windows10-2004-x64

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

091291932.jar

Resource

win7-20241010-en

windows7-x64

0 signatures

300 seconds

Behavioral task

behavioral2

Sample

091291932.jar

Resource

win10v2004-20250129-en

strrat persistence stealer trojan

windows10-2004-x64

8 signatures

300 seconds

General

Target

05022025_1312_091291932.zip
Size

122KB
MD5

d29700b5beae17356cf6c7f6d8ed39cf
SHA1

73ac6d4064082ae5d25b75c20ee555dbacc6a383
SHA256

a3bccc2abdcddb30063ea9b359a9fe22e9924de223a55b996705305555c9c243
SHA512

65e77c831c88aa47d266308b595ae09b1b524693e9280f484b1ab2afeda12ee77c6f691346a7c1bb8ac8d9f302f3ccd52d1a411f87533a8e1745a88cda2d60e7
SSDEEP

3072:ynjtmKTdQLwBqejPD9Li2nkO5+bh4S6hT4tRNuTE9+jBUUv:yjw5eLDfkhh4VN4Yvjz

Score

10^/10

strrat

Malware Config

Extracted

Family

strrat

C2

chevronciti.dns05.com:7888

chevronciti.dns05.com:7881

Attributes

license_id
khonsari
plugins_url
http://jbfrost.live/strigoi/server/?hwid=1&lid=m&ht=5
scheduled_task
true
secondary_startup
true
startup
true

Signatures

Strrat family
strrat

Files

05022025_1312_091291932.zip
.zip

Password: infected
091291932.jar
.jar

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.