Strela | 1079dd8ba84a643ff8c2dacaf485948b375971c882411a68671a0cacb7330570 | Triage

Sharing

General

Target

Strela.zip
Size

370KB
Sample

221124-s79eragg91
MD5

116aec69a9dc0a41931ff34708899962
SHA1

080410a8df67f19f29095a9f28216fcbadf7430e
SHA256

1079dd8ba84a643ff8c2dacaf485948b375971c882411a68671a0cacb7330570
SHA512

d8042236c9f5b357d03508084901959baeb0230721218d9fb1730477274d44a10cffb8346e92aded5b59c37834e38964f97f9a6a3c9df9bd5733b4187a3ada94
SSDEEP

6144:mRl4xIyzkx8RGP0veZUPv6/l+gNn4oJi+EgnlfhRakTJ/7gAablw3DdSlcq07:+lok8+0veZ+YNjE6hckix+3BSt07

Score

10^/10

Strela spyware stealer

Malware Config

Extracted

Family

Strela

C2

193.106.191.166

Targets

- Target
  
  run.ps1
- Size
  
  116B
- MD5
  
  a7ace018fd3f518bc419f7e211609e01
- SHA1
  
  deaed741f50f27d7a60a34b83cef84f905e0569f
- SHA256
  
  01fda517b82e9a91c0269977ce1bf177850811b2861b399d2fb4a5e45095cfc6
- SHA512
  
  7920e3c2fd54f821b44b778512bd031cfb2ffddd5ba36f89f0b04650ad610eb6ff0cf506111bc81328ca0746f3472506649fe9d48b1c26401cdd771f423c7b51
Score

7^/10

spyware stealer
- Reads user/profile data of local email clients
  Email clients store some user data on disk where infostealers will often target it.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2