strela | 8aa41f930999821a09b3fdd42f2a216201953451a5de725a06bb7d096293e45e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

02426799.exe
Size

318KB
Sample

230615-peeswsge5z
MD5

1bf24182154ab0b2b5062e468e0db63e
SHA1

36fbd3bc64f0efb0f361347f82ef3d4c47fa941a
SHA256

8aa41f930999821a09b3fdd42f2a216201953451a5de725a06bb7d096293e45e
SHA512

4911a979539de39631044e7ce636265f504675098141ce024c5b79f9e4443a1d4709a0be7dabe23864159cfea1fa8b04f6b78786fe7f2e769563dcca4c7efa5b
SSDEEP

6144:YVHdwslyjS3Me6W+WP9zUhZiKgWkKhIyUSTKs7:YV9V0jS8f3IZUhZlgW7IyUaKG

Score

10^/10

strela spyware stealer

Malware Config

Extracted

Family

strela

C2

91.215.85.209

Targets

- Target
  
  02426799.exe
- Size
  
  318KB
- MD5
  
  1bf24182154ab0b2b5062e468e0db63e
- SHA1
  
  36fbd3bc64f0efb0f361347f82ef3d4c47fa941a
- SHA256
  
  8aa41f930999821a09b3fdd42f2a216201953451a5de725a06bb7d096293e45e
- SHA512
  
  4911a979539de39631044e7ce636265f504675098141ce024c5b79f9e4443a1d4709a0be7dabe23864159cfea1fa8b04f6b78786fe7f2e769563dcca4c7efa5b
- SSDEEP
  
  6144:YVHdwslyjS3Me6W+WP9zUhZiKgWkKhIyUSTKs7:YV9V0jS8f3IZUhZlgW7IyUaKG
Score

10^/10

strela spyware stealer
- Strela
  An info stealer targeting mail credentials first seen in late 2022.
  stealer strela
- Reads user/profile data of local email clients
  Email clients store some user data on disk where infostealers will often target it.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

strelaspywarestealer

behavioral2

strelaspywarestealer