General

  • Target

    09022024_1655_kindergarten-wiesenbronn.zip

  • Size

    234KB

  • Sample

    240209-kt955abf77

  • MD5

    12f07d9647945adb44c01189ccebd3ad

  • SHA1

    859701bb4781af6e186ad508fd15cb56ea786ad6

  • SHA256

    ce01439b4563ef42d1536e99b4147a083f227a6639b18a4e4d9944618e4338c4

  • SHA512

    8fa34e67968c42c23f8c92090503a022d87b37b54733a6a3eafdb2136f8beb0df99b08ba4a8fcdbbc4da1becc1f5a4d101da191e2d56ad27b95bc1eab620e7ed

  • SSDEEP

    6144:JuJDvCc98uP061f2Ni9A7B4k5+ou1Fn4M77dUbHlnVW1F:JwD6561feAFn72FnVW1F

Score
10/10

Malware Config

Extracted

Family

strela

C2

91.215.85.209

Targets

    • Target

      kindergarten-wiesenbronn.js

    • Size

      1001KB

    • MD5

      cf65d4687c41648679c9cdcb24a0e824

    • SHA1

      f3966ccd310aba1e6161015f6cf6c04ccb005c0f

    • SHA256

      95e0322d029d6cda1d65a9def576455be66a7520f14fd2eabcecf1f5ddeec5e1

    • SHA512

      e1f2bf2156459b6c5c54bdcf1ac9e86d00d4d8f181d3ae5cf0bd890e683fc19d7c6d7aa10ae826903cdd46aaae9dc4bcd2ee709e5b6343401d002f841ebb1d25

    • SSDEEP

      24576:lEn1bqD0a6qak7WQzNPpWTUqiVzGzLcD2g5c08sir:4

    Score
    10/10
    • Strela

      An info stealer targeting mail credentials, first seen in late 2022.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL
