strela | 5247b5fa5f5539aa7eb0838a5589ec13f9e434263de47973fdad26fc28a3698e | Triage

Submit
Reports

Overview

overview

Static

static

3

orangesterrific.dll

windows7-x64

orangesterrific.dll

windows10-2004-x64

Analysis

max time kernel
140s
max time network
146s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
19-08-2023 03:42

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

orangesterrific.dll

Resource

win7-20230712-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

orangesterrific.dll

Resource

win10v2004-20230703-en

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

orangesterrific.dll
Size

2.9MB
MD5

ae1aa4fc8f4ca32ecfefc600206828ea
SHA1

5dfe6e3921a0a2d1c21971e15ad06b6af35570d2
SHA256

5247b5fa5f5539aa7eb0838a5589ec13f9e434263de47973fdad26fc28a3698e
SHA512

de3439ee485d62c25d74e5ef4b077b27fb58c952c1c898ebe99c465f34de7c3560ff28d554449ed6a50bdc6064e5bb17b6297049c919d565fab73eb01a67e2db
SSDEEP

49152:BO+VHl9mC9UD5L9tg9lX+37FTYHHfWPrD5+j:BO+VHl9mC9Uuz+3uezD5Y

Score

10^/10

strela stealer

Malware Config

Extracted

Family

strela

C2

193.109.85.77

Signatures

Strela
An info stealer targeting mail credentials first seen in late 2022.
stealer strela

Processes

C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\orangesterrific.dll
1⤵
PID:3700

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3700-133-0x0000000002B60000-0x0000000002B81000-memory.dmp

Filesize
132KB

Download
memory/3700-134-0x000000006D7C0000-0x000000006DAB8000-memory.dmp

Filesize
3.0MB

Download

© 2018-2025

Terms | Privacy