General

  • Target

    3bfc100a1d2b407375d9d95dd47dc71f.bin

  • Size

    580KB

  • Sample

    231128-b5rcqaed61

  • MD5

    b271eaa4333b9a0abe35e5e9de74c94b

  • SHA1

    1bfa4a2b74e887fad3c1af1bdccba20db2277759

  • SHA256

    3982e5706b67c7cd38a164c208354d13e7eccc168ba3843b34ab01174b3552e0

  • SHA512

    60891b80cbb7b354bc4eac16bc02637a5446753870d1d5025ba90fe74a78370ce23fa0f8a5f0882df909a510286744be9532235cd51835e5be80f352ae7adaf3

  • SSDEEP

    12288:+yt/4uxRFfoR9HjZTtKD1kt2VRUcxK+Gw8v2khLbkZspmCnhkNO:+y/dfoR91ekWUcg+/42khLbkjC2NO

Score
10/10

Malware Config

Extracted

Family

strela

C2

193.109.85.77

Targets

    • Target

      c5e02893f3684d719644f37d8240e45f52ee79e452f45f2d8e31e4afe426cf94.js

    • Size

      1.4MB

    • MD5

      3bfc100a1d2b407375d9d95dd47dc71f

    • SHA1

      ba92e800ec742f31ba113d2a59cbb7b72022ff05

    • SHA256

      c5e02893f3684d719644f37d8240e45f52ee79e452f45f2d8e31e4afe426cf94

    • SHA512

      a6d20699760381449fa5db531f76bf320854ef4f2792868e1dd7fdd53850dbaacaa58bf841d9fd48321b9dd2d2fc6ea5c3db86d887b505cd9451f1617cf6388c

    • SSDEEP

      12288:3DlUUcdtPY2lKbo9KRoMRDmYnwmAMfh07n2OwmBPLMW1fTnBAuxLJ6W0IQkS+XsY:WZYkmpWNV1fjS8VbQhqAm1LUjMpPpT

    Score
    10/10
    • Strela

      An info stealer targeting mail credentials first seen in late 2022.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks