Strela | 1079dd8ba84a643ff8c2dacaf485948b375971c882411a68671a0cacb7330570 | Triage

Sharing

General

Target

Strela.zip
Size

370KB
Sample

221124-s79eragg91
MD5

116aec69a9dc0a41931ff34708899962
SHA1

080410a8df67f19f29095a9f28216fcbadf7430e
SHA256

1079dd8ba84a643ff8c2dacaf485948b375971c882411a68671a0cacb7330570
SHA512

d8042236c9f5b357d03508084901959baeb0230721218d9fb1730477274d44a10cffb8346e92aded5b59c37834e38964f97f9a6a3c9df9bd5733b4187a3ada94
SSDEEP

6144:mRl4xIyzkx8RGP0veZUPv6/l+gNn4oJi+EgnlfhRakTJ/7gAablw3DdSlcq07:+lok8+0veZ+YNjE6hckix+3BSt07

Score

10^/10

Strela spyware stealer

Malware Config

Extracted

Family

Strela

C2

193.106.191.166

Targets

- Target
  
  run.ps1
- Size
  
  116B
- MD5
  
  a7ace018fd3f518bc419f7e211609e01
- SHA1
  
  deaed741f50f27d7a60a34b83cef84f905e0569f
- SHA256
  
  01fda517b82e9a91c0269977ce1bf177850811b2861b399d2fb4a5e45095cfc6
- SHA512
  
  7920e3c2fd54f821b44b778512bd031cfb2ffddd5ba36f89f0b04650ad610eb6ff0cf506111bc81328ca0746f3472506649fe9d48b1c26401cdd771f423c7b51
Score

7^/10

spyware stealer
- Reads user/profile data of local email clients
  Email clients store some user data on disk where infostealers will often target it.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2