General

  • Target

    97e9c1bf29e8bc389851538fd812ad26.bin

  • Size

    3.4MB

  • Sample

    231128-czex6sef61

  • MD5

    15d77ca69398066af91b0a1fcd61ec02

  • SHA1

    97992466224f184972fdfd3e095d6ec24fba5b28

  • SHA256

    f4186136fe775a1c61586133868cc05c2dcb25ca3a3d7c3e90019cc5fa89bbb3

  • SHA512

    6a3282bb7cbd0be4a8d055f27075c8820b6eff139c1d009af5c6e47cafc10138b15a8e57b090ab0260402f2e011eb94ce0621be97a4fbffde572eefbb4a50711

  • SSDEEP

    98304:Iz2uBKhfgRtX/GarEAGo35q14HR8nvyc4QCv:IzbBafgRtv1rEAGwEWR8nvyuk

Score
10/10

Malware Config

Extracted

Family

strela

C2

193.109.85.77

Targets

    • Target

      9059a44dc837a9ad492b17b7056d3ac02de681b8350796edeb08383f530c6b89.js

    • Size

      10.4MB

    • MD5

      97e9c1bf29e8bc389851538fd812ad26

    • SHA1

      081e897c272754a36be4084e9a978bd44be0eb0a

    • SHA256

      9059a44dc837a9ad492b17b7056d3ac02de681b8350796edeb08383f530c6b89

    • SHA512

      b0a0020a9d60422fdcc99838a855d87ea48f3acb5ec078a420d7a5f62a2e7a0480a1bd6fe09ce94616a1e74a859bd3eb53c7b940f563ed84ac4c7d59f1eca437

    • SSDEEP

      49152:cSSd8aACYFriPV6Xgdy3N3uPyYsMQ/FUbUg:VcP

    Score
    10/10
    • Strela

      An info stealer that targets email credentials, first seen in late 2022.

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely a geofencing check so the payload only runs in targeted regions.

    • Loads dropped DLL
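The three findings on this page (the C2 address under Malware Config, and the "Checks computer location settings" and "Loads dropped DLL" signatures) can be expressed as simple behavioural rules over a process trace, which is roughly how a sandbox arrives at them. The block below is an added example written for this page, not code from the report or from the Strela sample. The event format, the trace, the dropped DLL name and the set of registry values treated as a location lookup are assumptions of the example; the only value taken from the report is the C2 address.

```python
"""Toy behavioural-signature matcher over a constructed process trace.

Re-implements, in simplified form, the three findings in this report:
  * checks_location_settings: a registry read of the configured country/locale
  * loads_dropped_dll: an image load of a DLL the sample wrote earlier in the run
  * c2_connection: a connection to the IP from the extracted config
The event schema and the trace are constructed for this example; they are not a
real sandbox or Sysmon export.
"""
from dataclasses import dataclass

C2_IPS = {"193.109.85.77"}  # from the "Malware Config" section of this report

# Registry values Windows uses for the configured country / locale. Which of
# these the sample reads is not stated in the report; this list is an assumption.
GEO_VALUES = {
    r"hkcu\control panel\international\geo\nation",   # GeoID, e.g. "244"
    r"hkcu\control panel\international\localename",   # e.g. "en-US"
}


@dataclass(frozen=True)
class Event:
    pid: int
    op: str      # "reg_read" | "file_write" | "image_load" | "connect"
    target: str  # registry value path, file path, or "ip:port"


# Constructed trace (hypothetical): wscript.exe (pid 4120) runs the .js, reads the
# locale, drops a DLL into %TEMP%, loads it, then contacts the C2. pid 7004 is noise.
TRACE = [
    Event(4120, "reg_read", r"HKCU\Control Panel\International\Geo\Nation"),
    Event(4120, "file_write", r"C:\Users\user\AppData\Local\Temp\kyhjhg.dll"),
    Event(4120, "image_load", r"C:\Windows\System32\kernel32.dll"),
    Event(4120, "image_load", r"C:\Users\user\AppData\Local\Temp\kyhjhg.dll"),
    Event(4120, "connect", "193.109.85.77:80"),
    Event(7004, "image_load", r"C:\Windows\System32\user32.dll"),
]


def match_signatures(trace, c2_ips=C2_IPS):
    """Return {signature_name: sorted pids} for every rule that fires on the trace."""
    hits = {
        "checks_location_settings": set(),
        "loads_dropped_dll": set(),
        "c2_connection": set(),
    }
    dropped = set()  # lower-cased paths written by any process in the trace so far
    for ev in trace:
        if ev.op == "reg_read":
            if ev.target.lower() in GEO_VALUES:
                hits["checks_location_settings"].add(ev.pid)
        elif ev.op == "file_write":
            dropped.add(ev.target.lower())
        elif ev.op == "image_load":
            path = ev.target.lower()
            # "dropped" means written during this run; system DLLs never qualify
            # because no file_write for them precedes the load.
            if path.endswith(".dll") and path in dropped:
                hits["loads_dropped_dll"].add(ev.pid)
        elif ev.op == "connect":
            ip = ev.target.rsplit(":", 1)[0]
            if ip in c2_ips:
                hits["c2_connection"].add(ev.pid)
    return {name: sorted(pids) for name, pids in hits.items() if pids}


if __name__ == "__main__":
    for name, pids in match_signatures(TRACE).items():
        print(f"{name}: pids {pids}")
```

Order matters for the dropped-DLL rule: a load is only flagged when a write to the same path precedes it in the trace, which is what separates "Loads dropped DLL" from an ordinary image load out of System32.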

MITRE ATT&CK Enterprise v15

Tasks