General

  • Target

    I103891831.js

  • Size

    10.2MB

  • Sample

    240108-vp9nxaebcm

  • MD5

    41ce708d4559ca9687cb35c9fc9b2ef4

  • SHA1

    37233e06db70dd9ca5b368acfcaf172180a393d7

  • SHA256

    543edb0f9589a6bd4b4f8f925b1d55b30e7470301b26ca3f0ad44f9c88a6e970

  • SHA512

    72648faf2ec868a46bc95bc57e52ddb053ef9d74e473fb8f52c9e68df0738cd6f89eeffda52b692cb58c738b7c7644635aa98e2d9ac551affd8bf8f28e5ac3d7

  • SSDEEP

    49152:ay+skJaeMvzqql8Dji4SJAi9fXvzGzS4GSpN01foUgKH5EUbU+:ucF

Score
10/10

Malware Config

Extracted

Family

strela

C2

193.109.85.77

Targets

    • Target

      I103891831.js

    • Strela

      An information stealer that harvests mail client credentials (known to target Outlook and Thunderbird), first seen in late 2022.

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely as a geofence check so the payload only runs on machines in targeted regions.

    • Loads dropped DLL
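The "Checks computer location settings" signature above refers to the Windows GeoID stored under HKCU\Control Panel\International\Geo\Nation. The block below is an added example, not code from the report or from the Strela sample: it mirrors how a geofenced loader decides whether to run, and shows how an analyst would spot the lookup in a Process Monitor CSV export. The GeoID subset, the allowlist passed to geofence_allows and the ProcMon lines are constructed for illustration (the sample's real allowlist is not on this page).

```python
# Added example (not part of the sandbox report or the malware): how a
# registry-based geofence check works and how to spot it in ProcMon output.
# The GeoID subset, the allowlist and the ProcMon lines are constructed.
import csv
import io
from typing import Callable, List, Optional, Set, Tuple

# Constructed subset of the Windows GeoID table. HKCU\Control Panel\
# International\Geo\Nation holds one of these numbers as a REG_SZ string.
GEOID_TO_ISO = {
    244: "US", 94: "DE", 217: "ES", 118: "IT", 242: "GB", 84: "FR", 203: "RU",
}


def read_nation_from_registry() -> Optional[str]:
    """Return the Nation value on Windows, or None elsewhere / if unset."""
    try:
        import winreg  # only available on Windows
    except ImportError:
        return None
    try:
        with winreg.OpenKey(winreg.HKEY_CURRENT_USER,
                            r"Control Panel\International\Geo") as key:
            value, _ = winreg.QueryValueEx(key, "Nation")
            return str(value)
    except OSError:
        return None


def country_from_nation(raw: Optional[str]) -> Optional[str]:
    """Map the raw REG_SZ value ('244') to an ISO code; None if missing or malformed."""
    if raw is None:
        return None
    try:
        return GEOID_TO_ISO.get(int(raw.strip()))
    except ValueError:
        return None


def geofence_allows(allowlist: Set[str], reader: Callable[[], Optional[str]]) -> bool:
    """Mirror of a geofenced loader's decision: run only when the configured
    country is in the allowlist. An unreadable or unknown value counts as
    'not allowed', which is why a sandbox with no Nation value set often never
    reaches the payload stage."""
    iso = country_from_nation(reader())
    return iso is not None and iso in allowlist


# --- Triage side: find the lookup in a Process Monitor CSV export ---------
# Constructed ProcMon lines in the default CSV export layout.
PROCMON_CSV = """\
"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"10:01:02.1","wscript.exe","4120","RegOpenKey","HKCU\\Control Panel\\International\\Geo","SUCCESS","Desired Access: Read"
"10:01:02.2","wscript.exe","4120","RegQueryValue","HKCU\\Control Panel\\International\\Geo\\Nation","SUCCESS","Type: REG_SZ, Length: 8, Data: 244"
"10:01:02.3","explorer.exe","1040","RegQueryValue","HKCU\\Control Panel\\International\\Geo\\Nation","SUCCESS","Type: REG_SZ, Length: 8, Data: 244"
"""

# Script/LOLBin hosts a JS dropper typically runs under; legitimate shell
# processes also read this key, so filtering on the host cuts noise.
SCRIPT_HOSTS = {"wscript.exe", "cscript.exe", "mshta.exe", "powershell.exe", "rundll32.exe"}


def find_geofence_lookups(procmon_csv: str) -> List[Tuple[str, int, str]]:
    """Return (process, pid, value read) for Geo\\Nation reads by script hosts."""
    hits = []
    for row in csv.DictReader(io.StringIO(procmon_csv)):
        if row["Operation"] != "RegQueryValue":
            continue
        if not row["Path"].lower().endswith(r"\international\geo\nation"):
            continue
        if row["Process Name"].lower() not in SCRIPT_HOSTS:
            continue
        detail = row["Detail"]
        data = detail.split("Data: ", 1)[1] if "Data: " in detail else ""
        hits.append((row["Process Name"], int(row["PID"]), data))
    return hits


if __name__ == "__main__":
    # Simulate the sample's decision against an assumed allowlist.
    print("runs with Nation=244:", geofence_allows({"US", "DE"}, lambda: "244"))
    print("runs with Nation=217:", geofence_allows({"US", "DE"}, lambda: "217"))
    print("this host:", geofence_allows({"US", "DE"}, read_nation_from_registry))
    for hit in find_geofence_lookups(PROCMON_CSV):
        print("geofence lookup:", hit)
```

When detonating a geofenced sample, set the Nation value in the sandbox's user hive to a GeoID the campaign is believed to target before running it; otherwise the loader exits early and the later stages (the dropped DLL, the C2 traffic to the address in the config) never appear in the trace.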

MITRE ATT&CK Enterprise v15

Tasks