strela | f4c30124e82695f3211d20f95e6e9799d3a1a232dd1d5b754d1a67f575a598c3 | Triage

Sharing

General

Target

abi.zip
Size

1MB
Sample

230825-pfs2xabe99
MD5

ef00efde3e45c6be096e0042bffb32fe
SHA1

85200f9edccf23ec991d1b9a9d5680e1cf502955
SHA256

f4c30124e82695f3211d20f95e6e9799d3a1a232dd1d5b754d1a67f575a598c3
SHA512

0145fc7dd4815cfcf524c550fcf28ff67fce2b9c67138a9481f284a5e219f52ad0612d9d559da7a1f028108ad01fd22ebbf1cc525f0a0ae55c77b47880bb8c51
SSDEEP

49152:AWEbzVZ9Pi7U1yt3Zy9jMw2v6CDD5l49/Lql1Rp:Yb5Z9K7Vt3ZajMyElajs1D

Score

10^/10

strela stealer

Malware Config

Extracted

Family

strela

C2

193.109.85.77

Targets

- Target
  
  11731140153250.js
- Size
  
  4MB
- MD5
  
  291b66072f24143e5f569f1f38e13d46
- SHA1
  
  bb2a9c679dab963fe139c3f1f7564b93b631d67a
- SHA256
  
  644816bcfdfa953ce65884c5091bccde628993b90f67c71f70aa34c405d8cac0
- SHA512
  
  bdf2412f23483149e848ceababd59a9d07fe691dbb74176450f40a1268a1d8e3eba602ce6c03693b21f3df233c4c96e3759300ad759025002827a47fa617c6bb
- SSDEEP
  
  24576:4zUFw3QL3LaSKkOOn4/z3HmL2uOhyAz7UFN9fxPjdT283+cJThP9nstTB73+CJVv:nPKa+0nsh7J1ZZkwuTcGdUbU+
Score

10^/10

strela stealer
- Strela
  An info stealer targeting mail credentials first seen in late 2022.
  stealer strela
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2