strela | 16dbe515cf6abb556aeec4f89f837af4fb66f8d279dcd05832cc9b9eb9c29d4f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6a6c6d9614e572fedbfb8d2eb108bb42.bin
Size

514KB
Sample

240202-bqtvascham
MD5

adcbfad7139e7c3572f9e8c4fe531450
SHA1

42f6b9e213eb676904c90202001bbf819737a921
SHA256

16dbe515cf6abb556aeec4f89f837af4fb66f8d279dcd05832cc9b9eb9c29d4f
SHA512

438979540d0f56383f41d3f0ffb1842028fc1e23dd057580af4e67123e18108dd55c15c0108e93fd066751fa636b2b672a5568409e417cdc66493bebc6b815b5
SSDEEP

12288:A/9tjK5c+LYkan+XWblpxaW6VI5yr5yTem+b7:k9xK5cYYUWb1aWkbr5yTa7

Score

10^/10

strela stealer

Malware Config

Targets

- Target
  
  23107ced99838695bf4391c1271bafce47fad96e95b28f52df0a060038f80a7b.js
- Size
  
  1.4MB
- MD5
  
  6a6c6d9614e572fedbfb8d2eb108bb42
- SHA1
  
  347b37c4eb1c9d6f6d18d7ec13291436b43bab79
- SHA256
  
  23107ced99838695bf4391c1271bafce47fad96e95b28f52df0a060038f80a7b
- SHA512
  
  e7b0a9980f6a08c709ce251baf43553c1799dd7593ad8620d80aeaa1366934072bfd40edbc4d3b6660e8c31b6a74577ad34eb7fd93a3685ac4504eed58c22499
- SSDEEP
  
  24576:68+ynjkFpqZ5YszaGTWeo2a2QQrcuCUw2eQBJeOsvWthPVtd9qu2X+DlvCu0903s:aN
Score

10^/10

strela stealer
- Strela
  An info stealer targeting mail credentials first seen in late 2022.
  stealer strela
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2