General

  • Target

    Strela.zip

  • Size

    370KB

  • Sample

    221124-s79eragg91

  • MD5

    116aec69a9dc0a41931ff34708899962

  • SHA1

    080410a8df67f19f29095a9f28216fcbadf7430e

  • SHA256

    1079dd8ba84a643ff8c2dacaf485948b375971c882411a68671a0cacb7330570

  • SHA512

    d8042236c9f5b357d03508084901959baeb0230721218d9fb1730477274d44a10cffb8346e92aded5b59c37834e38964f97f9a6a3c9df9bd5733b4187a3ada94

  • SSDEEP

    6144:mRl4xIyzkx8RGP0veZUPv6/l+gNn4oJi+EgnlfhRakTJ/7gAablw3DdSlcq07:+lok8+0veZ+YNjE6hckix+3BSt07

Score
10/10

Malware Config

Extracted

Family

Strela

C2

193.106.191.166

Targets

    • Target

      run.ps1

    • Size

      116B

    • MD5

      a7ace018fd3f518bc419f7e211609e01

    • SHA1

      deaed741f50f27d7a60a34b83cef84f905e0569f

    • SHA256

      01fda517b82e9a91c0269977ce1bf177850811b2861b399d2fb4a5e45095cfc6

    • SHA512

      7920e3c2fd54f821b44b778512bd031cfb2ffddd5ba36f89f0b04650ad610eb6ff0cf506111bc81328ca0746f3472506649fe9d48b1c26401cdd771f423c7b51

    Score
    7/10
    • Reads user/profile data of local email clients

      Email clients store some user data (mail stores, profiles, saved credentials) on disk, where infostealers often target it.
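The behaviour flagged above is detectable from endpoint telemetry without knowing the stealer's code. The following is an added detection example, not code from the sandbox report or from the Strela sample: it scans constructed file-access and network events, flags any process other than a known mail client that reads an email-client profile directory, and flags connections to the C2 address the report lists (193.106.191.166). The profile paths (Thunderbird under AppData\Roaming, Outlook under AppData\Local) and the `kind|process|target` event format are assumptions made for the example.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# C2 address taken from the extracted config in the report above.
STRELA_C2 = "193.106.191.166"

# Assumption (not stated in the report): on-disk email profile locations that an
# infostealer would read. Character classes accept backslash or forward slash.
EMAIL_PROFILE_PATTERNS = [
    re.compile(r"AppData[\\/]Roaming[\\/]Thunderbird[\\/]Profiles[\\/]", re.I),
    re.compile(r"AppData[\\/]Local[\\/]Microsoft[\\/]Outlook[\\/]", re.I),
]
# Processes expected to touch those paths; any other reader is suspect.
EMAIL_CLIENT_PROCESSES = {"thunderbird.exe", "outlook.exe"}


@dataclass(frozen=True)
class Event:
    kind: str      # "file_read" or "connect"
    process: str   # image name, lower-cased for comparison
    target: str    # file path for file_read, remote IP for connect


def parse_event(line: str) -> Optional[Event]:
    """Parse one 'kind|process|target' line; return None for malformed lines."""
    parts = line.strip().split("|", 2)
    if len(parts) != 3 or not all(parts):
        return None
    kind, process, target = parts
    return Event(kind.strip().lower(), process.strip().lower(), target.strip())


def reads_email_profile(ev: Event) -> bool:
    """True when a file_read event touches an assumed email profile path."""
    return ev.kind == "file_read" and any(p.search(ev.target) for p in EMAIL_PROFILE_PATTERNS)


def detect(lines) -> List[Tuple[str, str, str]]:
    """Return (rule, process, target) for every suspicious event, in input order."""
    hits = []
    for line in lines:
        ev = parse_event(line)
        if ev is None:
            continue  # skip malformed telemetry rather than crash the scan
        if reads_email_profile(ev) and ev.process not in EMAIL_CLIENT_PROCESSES:
            hits.append(("email_profile_read_by_foreign_process", ev.process, ev.target))
        if ev.kind == "connect" and ev.target == STRELA_C2:
            hits.append(("strela_c2_connection", ev.process, ev.target))
    return hits


# Constructed sample telemetry (kind|process|target); not from the sandbox run.
SAMPLE_EVENTS = [
    r"file_read|powershell.exe|C:\Users\alice\AppData\Roaming\Thunderbird\Profiles\x1y2.default\logins.json",
    r"file_read|thunderbird.exe|C:\Users\alice\AppData\Roaming\Thunderbird\Profiles\x1y2.default\key4.db",
    r"file_read|powershell.exe|C:\Users\alice\AppData\Local\Microsoft\Outlook\alice@example.com.ost",
    r"connect|powershell.exe|193.106.191.166",
    r"connect|chrome.exe|93.184.216.34",
    r"file_read|notepad.exe|C:\Users\alice\Documents\todo.txt",
    "garbage line with no separators",
]

if __name__ == "__main__":
    for rule, proc, target in detect(SAMPLE_EVENTS):
        print(f"{rule}: {proc} -> {target}")
```

Against the sample events this produces three hits: two profile reads by powershell.exe (the mail client's own read of key4.db is allowed) and the connection to the report's C2. In practice the process allow-list should be tightened to signed binaries at their expected install paths, since a stealer can be renamed to thunderbird.exe.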

MITRE ATT&CK Matrix

Tactic columns shown in the report (no technique entries appear under them on this page):

  • Command and Control
  • Credential Access
  • Defense Evasion
  • Discovery
  • Execution
  • Exfiltration
  • Impact
  • Initial Access
  • Lateral Movement
  • Persistence
  • Privilege Escalation