General

  • Target

    11012024_1554_10012024_glacryl.zip

  • Size

    753KB

  • Sample

    240111-jry5eacgg9

  • MD5

    a61bd8505db3ae3b641ae598d891fd15

  • SHA1

    98e4c26ce2ae5633ed1bf1e67b9b727d8c0c34ed

  • SHA256

    ae57ea82b9d7fa72ba86b01380592d1e86303d2aaac5a82459b14c251d8e9b22

  • SHA512

    a2ccbccc151ec930b7ad458ccea800a233497b757b4a607037a883a73f685a8fddeffea1fec3b480bfa3c779dbebba730be62be7aabb60693f74f20eda63611d

  • SSDEEP

    12288:/CyZj/lu66fjqWTkSROlX6ZZW6sgM/mMruVE7Y2BTwzND2zASHF/6dbG1lAhYQPG:ayPxGqdSRO4bWAdWuWBwDIFOi1l0FVM

Score
10/10

Malware Config

Extracted

Family

strela

C2

193.109.85.77

Targets

    • Target

      INVOICE_09.01_283775838.js

    • Size

      1.8MB

    • MD5

      1a0f61f9843dc63bac8fffd4a3bbce4d

    • SHA1

      a8917cc632b4963ff2874783b446d3db5b1ad4a7

    • SHA256

      70f0ec8d202cd74c2a0cdfe18e4d1a476db3341da040474113ddeae2f60aa83e

    • SHA512

      9bf9dc892166fcdfe3d5f489542d22972442ff7792d386eff43a73e90ccbf9f273490510829c203f0cbd6eb998e42c40d6aa08576a7e85716ca45a14930b1e45

    • SSDEEP

      24576:AunJlb8K/SyQmwqM3GeGnOhTwNypgBVJz663rtw0bb2WgUbUB:1reiTn1Kg/IUbUB

    Score
    10/10
    • Strela

      An info stealer, first seen in late 2022, that targets mail credentials.

    • Checks computer location settings

      Looks up the country code configured in the registry; likely a geofence check.

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks