General

  • Target

    FACTURA_1662927893.js

  • Size

    4.9MB

  • Sample

    231012-ab3yzscg2t

  • MD5

    a639233c19489eace132ad82a42df5a4

  • SHA1

    3035708facc5f29c8e7e4e6fe838d4cdf61e5c28

  • SHA256

    389c5f29a922e6ae38e9d4999b5b8149ad5bdc6378e733fb3581ccc272931e86

  • SHA512

    50c9e2064461cc8d83bd67c2b79294608aac75f7fea4205227c8ea86e6a4d00bf0d666a5701f8660ab80a168eb3cec58ed16f6424767294e10e1a4aa5ba2b916

  • SSDEEP

    24576:5haPEhagriP3yLbFNa0r0wQ5yzbLZoxE7m98Sn/dD2wxIt2VQi+k7lAcl5C70UVk:DagZgX0n57Yc2GnUbUm

Score
10/10

Malware Config

Extracted

Family

strela

C2

193.109.85.77

Targets

    • Target

      FACTURA_1662927893.js

    • Strela

      An info stealer targeting mail credentials, first seen in late 2022.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL
