strela | 7c796e8277fa41ad68ee1a5bed21591ddac49195de6285b628e9d6265ecde2ca | Triage

Sharing

General

Target

1.js
Size

3MB
Sample

230828-ys84bsff86
MD5

f3b0e72e66e1324a2ab94285f069501a
SHA1

d96cb05ee0d622d3cab1c163bddc5e1d8e5280d2
SHA256

7c796e8277fa41ad68ee1a5bed21591ddac49195de6285b628e9d6265ecde2ca
SHA512

9c2847a3f9bda12f75afbb4c46cbd8c00177f290722ffe83f819fea9802d6d896c719f0910ca1eb4192a09c786d3134f504e54a93df9bb77b9d82f899b9db197
SSDEEP

49152:KHEsW6XqiNJhdW2QwkV++sNUrw2CatUbUt:vcC

Score

10^/10

strela stealer

Malware Config

Extracted

Family

strela

C2

193.109.85.77

Targets

- Target
  
  1.js
- Size
  
  3MB
- MD5
  
  f3b0e72e66e1324a2ab94285f069501a
- SHA1
  
  d96cb05ee0d622d3cab1c163bddc5e1d8e5280d2
- SHA256
  
  7c796e8277fa41ad68ee1a5bed21591ddac49195de6285b628e9d6265ecde2ca
- SHA512
  
  9c2847a3f9bda12f75afbb4c46cbd8c00177f290722ffe83f819fea9802d6d896c719f0910ca1eb4192a09c786d3134f504e54a93df9bb77b9d82f899b9db197
- SSDEEP
  
  49152:KHEsW6XqiNJhdW2QwkV++sNUrw2CatUbUt:vcC
Score

10^/10

strela stealer
- Strela
  An info stealer targeting mail credentials first seen in late 2022.
  stealer strela
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2