Overview

overview

10

Static

static

1

4035_4414671332562.js

windows7-x64

10

4035_4414671332562.js

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    04022024_2303_02022024_tshirtstore.zip

  • Size

    601KB

  • Sample

    240204-se8yhsefgp

  • MD5

    9d2967a5b9f4d8236577c32e580d8d76

  • SHA1

    c87a333256382be2bc467ec5162feb56d0d5770f

  • SHA256

    e8caf52bbaedb485fcfe0a3b3e9aa5cc5ae3bec03f1d348c5b15075d4e67ea9a

  • SHA512

    0efa05ba448668807abb34afbd5a7bed098a0e875ea106dbb290137949957e22b460a6d63e003d0a0f6aff27a84889416fcfcd2975468202627859e41b53f877

  • SSDEEP

    12288:4ZcPxWPE6jk1sA8i+swrWl9I2Xk0S1q+ZpsfjuRkg97MLtQ+/F:4aPAsyLAP+7mDU0S1bZpsfjukg97k6QF

Score
10/10
strelastealer

Malware Config

Targets

    • Target

      4035_4414671332562.js

    • Size

      1.7MB

    • MD5

      5691f001d9a83639c5f6fed3e999e090

    • SHA1

      2ba3ef2e2cca6dfdf154b0565901b4da5833cab9

    • SHA256

      7780f61445e2a2ca907d5f1292a02da7753c8959902ea54b1e4bc5bdb655d95e

    • SHA512

      9a3188340367feab9734c183a7c43cc98a7de149ecfe3bff27e73de717d9826aa5eab1ab4f532ebcbb43a362f274866bf342c3896fa52d56659daca5daa9eb65

    • SSDEEP

      24576:NdjoqRpEnFJoYgKyWGjg5Y0SNS/tSgVNkBI2KCcaxazM9jlVQ8l4PbmFCMX1/QQS:I7RGq

    Score
    10/10
    strelastealer

    • Strela

      An info stealer targeting mail credentials first seen in late 2022.

      stealerstrela

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks