strela | 544887bc3f0dccb610dd7ba35b498a03ea32fca047e133a0639d5bca61cc6f45 | Triage

Sharing

General

Target

544887bc3f0dccb610dd7ba35b498a03ea32fca047e133a0639d5bca61cc6f45.js
Size

345KB
Sample

240326-cn9y6sbg63
MD5

301503edfb1ea723b231b416c2a81f0f
SHA1

dd41fda85637d2593ef4aad407371ec830fe171d
SHA256

544887bc3f0dccb610dd7ba35b498a03ea32fca047e133a0639d5bca61cc6f45
SHA512

f5df4b28a0f012b458026ef7caa2f460f51476a67e63e63641631dc5672b4920422618afb36af17373ffdfcc678370dc965678f3d3f1dda5326589c2a471f9d5
SSDEEP

6144:FSxcuKYMvWe+ch9Bi7PoOCSElpHMnOInDOWPZsngSKTj+c42pf:+cRYMv5+ctgEBmODYsw+h2pf

Score

10^/10

strela stealer

Malware Config

Targets

- Target
  
  544887bc3f0dccb610dd7ba35b498a03ea32fca047e133a0639d5bca61cc6f45.js
- Size
  
  345KB
- MD5
  
  301503edfb1ea723b231b416c2a81f0f
- SHA1
  
  dd41fda85637d2593ef4aad407371ec830fe171d
- SHA256
  
  544887bc3f0dccb610dd7ba35b498a03ea32fca047e133a0639d5bca61cc6f45
- SHA512
  
  f5df4b28a0f012b458026ef7caa2f460f51476a67e63e63641631dc5672b4920422618afb36af17373ffdfcc678370dc965678f3d3f1dda5326589c2a471f9d5
- SSDEEP
  
  6144:FSxcuKYMvWe+ch9Bi7PoOCSElpHMnOInDOWPZsngSKTj+c42pf:+cRYMv5+ctgEBmODYsw+h2pf
Score

10^/10

strela stealer
- Strela
  An info stealer targeting mail credentials first seen in late 2022.
  stealer strela
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2