strela | 040430c0b2049d7efd7f3606c656f161b148b3b21e518861c423200c80c24b10 | Triage

Submit
Reports

Overview

overview

Static

static

3

MP/4.rsp.dll

windows7-x64

MP/4.rsp.dll

windows10-2004-x64

Sharing

General

Target

MP.7z
Size

134KB
Sample

240418-qdtfbsfb3t
MD5

75342998da9d7aa1627098595af7fc3c
SHA1

eedd923d508bca3158741408cfd77a727bbc3e7d
SHA256

040430c0b2049d7efd7f3606c656f161b148b3b21e518861c423200c80c24b10
SHA512

62941b3be8212d0e0847e51c41e9cbd9527ba33d57e79008e28493f7224c2bc102782abb27eab188fb35a5ef38f4883f5d134c15cc51a3891d9d16750891a02c
SSDEEP

3072:644hGWFzqUB2Qkv2D+dUCDNjR+gnJmqMkHcZC324a+cn:l4EWFzq6+xdYsykHcZCs+cn

Score

10^/10

strela stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

MP/4.rsp.dll

Resource

win7-20240319-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

MP/4.rsp.dll

Resource

win10v2004-20240226-en

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Extracted

Family

strela

C2

193.109.85.231

Attributes

url_path
/server.php
user_agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

Targets

- Target
  
  MP/4.rsp.dat
- Size
  
  252KB
- MD5
  
  9499f14143b34ea7703c73b5f9b37013
- SHA1
  
  ceff6b19826c9a4e9b9e8cbcc512d5241a27825e
- SHA256
  
  e6991b12e86629b38e178fef129dfda1d454391ffbb236703f8c026d6d55b9a1
- SHA512
  
  f14dec41f677fb3e2af064b4b7a6b3b15bec8429a831a78247513853d4ce7511ed37e89e52ebadbed03ab9115dcea3cc316b90e99c939d07402b5a554d722668
- SSDEEP
  
  6144:jzsV8coTHnuHTUhgYl8b56IqokNJpgGpkeUB:LTHuHT01B316B
Score

10^/10

strela stealer
- Detects Strela Stealer payload
- Strela stealer
  An info stealer targeting mail credentials first seen in late 2022.
  stealer strela
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy