General
-
Target
MP.7z
-
Size
134KB
-
Sample
240418-qdtfbsfb3t
-
MD5
75342998da9d7aa1627098595af7fc3c
-
SHA1
eedd923d508bca3158741408cfd77a727bbc3e7d
-
SHA256
040430c0b2049d7efd7f3606c656f161b148b3b21e518861c423200c80c24b10
-
SHA512
62941b3be8212d0e0847e51c41e9cbd9527ba33d57e79008e28493f7224c2bc102782abb27eab188fb35a5ef38f4883f5d134c15cc51a3891d9d16750891a02c
-
SSDEEP
3072:644hGWFzqUB2Qkv2D+dUCDNjR+gnJmqMkHcZC324a+cn:l4EWFzq6+xdYsykHcZCs+cn
Static task
static1
Behavioral task
behavioral1
Sample
MP/4.rsp.dll
Resource
win7-20240319-en
Malware Config
Extracted
strela
193.109.85.231
-
url_path
/server.php
-
user_agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36
Targets
-
-
Target
MP/4.rsp.dat
-
Size
252KB
-
MD5
9499f14143b34ea7703c73b5f9b37013
-
SHA1
ceff6b19826c9a4e9b9e8cbcc512d5241a27825e
-
SHA256
e6991b12e86629b38e178fef129dfda1d454391ffbb236703f8c026d6d55b9a1
-
SHA512
f14dec41f677fb3e2af064b4b7a6b3b15bec8429a831a78247513853d4ce7511ed37e89e52ebadbed03ab9115dcea3cc316b90e99c939d07402b5a554d722668
-
SSDEEP
6144:jzsV8coTHnuHTUhgYl8b56IqokNJpgGpkeUB:LTHuHT01B316B
-
Detects Strela Stealer payload
-