General

  • Target: 41ce708d4559ca9687cb35c9fc9b2ef4.bin
  • Size: 3.6MB
  • Sample: 240110-brx84sbben
  • MD5: 83de6f1a0bf43ff90ea47b1e7c339bf6
  • SHA1: 85ec17975963045afdb35a0b52eb79cb4a766e6f
  • SHA256: d32a0995b6ce746dd5333be351fbe2c8618434f1119a03236bf1ad1c33dbb6ec
  • SHA512: dc723386fa107bf27670d660ee34ddc351633c726513e4ed14d279f8ed4bd48cc57e5facf782c5ecce4a5ae5b2ec0f3db3b5edc5f83ffe872b18052b67075e99
  • SSDEEP: 98304:v78mLEyaV934YcsViQCEQkVkHpWi+yHfp4sO3uL:vomiaYNVHCEQkVkqwp4sr

Score
10/10

Malware Config

Extracted

Family: strela

C2: 193.109.85.77

Targets

    • Target: 543edb0f9589a6bd4b4f8f925b1d55b30e7470301b26ca3f0ad44f9c88a6e970.js
    • Size: 10.2MB
    • MD5: 41ce708d4559ca9687cb35c9fc9b2ef4
    • SHA1: 37233e06db70dd9ca5b368acfcaf172180a393d7
    • SHA256: 543edb0f9589a6bd4b4f8f925b1d55b30e7470301b26ca3f0ad44f9c88a6e970
    • SHA512: 72648faf2ec868a46bc95bc57e52ddb053ef9d74e473fb8f52c9e68df0738cd6f89eeffda52b692cb58c738b7c7644635aa98e2d9ac551affd8bf8f28e5ac3d7
    • SSDEEP: 49152:ay+skJaeMvzqql8Dji4SJAi9fXvzGzS4GSpN01foUgKH5EUbU+:ucF

    Score: 10/10

    • Strela

      An info stealer targeting mail credentials first seen in late 2022.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15