strela | f3fe692959c5078378e8221aa1da93b566c99737586291f2e2de88218d4df166 | Triage

Sharing

General

Target

FE6WRF.dll.exe
Size

327KB
Sample

230612-q8pevsda2s
MD5

9fa8a7248878e07e20094d101d5f21d0
SHA1

fe1765890ba7546b91faf7f09f962a326b0644cb
SHA256

f3fe692959c5078378e8221aa1da93b566c99737586291f2e2de88218d4df166
SHA512

c40d4603a0f62ed23c64733c17a630a59572b758a4842a173c8b904c72511a63893e8351db18ccd87ee37bf6a10adc6a6bad50eeb8655a3527737a31605fcdf5
SSDEEP

6144:ECV3OPCgqgrWK3FhbyIt+w8zgjOiGx2VTKnx:EC0Tl6mr/OqVKx

Score

10^/10

strela spyware stealer

Malware Config

Extracted

Family

strela

C2

91.215.85.209

Targets

- Target
  
  FE6WRF.dll.exe
- Size
  
  327KB
- MD5
  
  9fa8a7248878e07e20094d101d5f21d0
- SHA1
  
  fe1765890ba7546b91faf7f09f962a326b0644cb
- SHA256
  
  f3fe692959c5078378e8221aa1da93b566c99737586291f2e2de88218d4df166
- SHA512
  
  c40d4603a0f62ed23c64733c17a630a59572b758a4842a173c8b904c72511a63893e8351db18ccd87ee37bf6a10adc6a6bad50eeb8655a3527737a31605fcdf5
- SSDEEP
  
  6144:ECV3OPCgqgrWK3FhbyIt+w8zgjOiGx2VTKnx:EC0Tl6mr/OqVKx
Score

10^/10

strela spyware stealer
- Strela
  An info stealer targeting mail credentials first seen in late 2022.
  stealer strela
- Reads user/profile data of local email clients
  Email clients store some user data on disk where infostealers will often target it.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

strelaspywarestealer

behavioral2

strelaspywarestealer