General

  • Target

    8e75c8837c8288c2abd1c4ae364bb553.bin

  • Size

    2.2MB

  • Sample

    231128-cyqy2sef6s

  • MD5

    a2389780f7fd9c47855b5ccb236cf60d

  • SHA1

    40b2882c3f5d090f338a4d752f43cf699e318bed

  • SHA256

    6e150518d759d23936346061b327ff09c2a15e36da9505143788a2e8e5b31e2f

  • SHA512

    c2ac5428eb1e4efdd9ae58d801fc236120ebd335da86d37e7f71942ac7edb6daabd90c6aead7317652cd083b1e46bcd82fc74eecc508cd71eb10b64fbd6909d7

  • SSDEEP

    49152:gZi2WGN+j7dul8xN3uK+HhmGsSW450wXFeimfXPoqY+:ii2sj7MoN3utBmGJW4/VjaXAqD

Score
10/10

Malware Config

  • Extracted Family

    strela

  • C2

    193.109.85.77

Targets

    • Target

      15cacb4f952177a2bbe3834a8c2217aa6ef5b78a8cd8af42ada9ff5a992292fc.js

    • Size

      6.5MB

    • MD5

      8e75c8837c8288c2abd1c4ae364bb553

    • SHA1

      5cf4550318b5f2eaca312149f06f5872f531785a

    • SHA256

      15cacb4f952177a2bbe3834a8c2217aa6ef5b78a8cd8af42ada9ff5a992292fc

    • SHA512

      1a7cacdeca0fbc0115674e41ce4ed68051c706928a2ee87121218908af2e9bbf01c7f3bce12f9facaf98a9b0a86a10f8f6e51cd073ff346ccda3c0e020275aa1

    • SSDEEP

      24576:aM28t5oydiys4k1XWk6uyBWXJCirWqXNGLH5HvuVLptpWqm6xVowk8dppKEvzVBi:Ns47TiwQ5x2uA1Y0fm1nmlUiUbUN

    Score
    10/10
    • Strela

      An info stealer targeting mail credentials, first seen in late 2022.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence.

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15