General

  • Target

    XDR_ResponseApp_CollectFile_RM-20240219-00004_91d04b38-9cf1-40cb-bcaa-7774254ddf2d_20240219T145443Z.7z

  • Size

    365KB

  • Sample

    240219-vhdmwshd35

  • MD5

    af0104a0f89311076031a416ba08dcb3

  • SHA1

    6f281ee4bb18ebf0590cd11d3730f5bb12c31ae4

  • SHA256

    b7b12febaaca57c9e2eb77a602091823673e44cdc104ec31f053fd80f1c4c9bf

  • SHA512

    f4b3981ef15e11df1894ca2c55e76950b02ae183b379d4f398f8f779e9ef03384e3be0096a29fb7127b598bd84139b87e88b262fe73f60a263a4f1bfdaa81c8a

  • SSDEEP

    6144:jYcCU/wXZUQNywyuZIqeW/lvqg8zEo3BymielLs2btg+I8pGtIQs:jYcYtNHjrYg4Ry/etZHpG6P

Score
10/10

Malware Config

Targets

    • Target

      12843_12787719123142.js

    • Size

      1.6MB

    • MD5

      f8486079374c877838105e2abee989ea

    • SHA1

      42492020df4f434b815ba4a4805f29a986f6b797

    • SHA256

      0747d133621a738dfb820f8d895903b29261da67e664380d2a914441463d27ed

    • SHA512

      7d42acf7a0c0632d4f2917c654878b2bea7b49e49a49d928cad1548e4e92b2b8ae89d0f9b0da50184ae6d4c123625436fb0ae676bdb36849c7800e39fe54e7cf

    • SSDEEP

      24576:pFLU7MNTsNE4/qhUPSBMGFQNON6USkrFAp0TK4SRSWn4HLz8jgwhcEs4xynX7USa:3HB1hnG

    Score
    10/10
    • Strela

      An info stealer targeting mail credentials, first seen in late 2022.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used as a geofence.

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks