strela | ef5a4eb40733a378ba1dbfdeeecbcd0ba776d1fe7c293a703ee1431cc2a5f248 | Triage

Submit
Reports

Overview

overview

Static

static

3e1b475608...18.exe

windows7-x64

3e1b475608...18.exe

windows10-2004-x64

Sharing

General

Target

3e1b475608a0f58b4f611025edbcb99b_JaffaCakes118
Size

5.4MB
Sample

240712-t797qa1gqm
MD5

3e1b475608a0f58b4f611025edbcb99b
SHA1

987e3e93bd65b4e17d341fe2c7986fa596249b33
SHA256

ef5a4eb40733a378ba1dbfdeeecbcd0ba776d1fe7c293a703ee1431cc2a5f248
SHA512

67acaf217150b3a073018c83614c61e8c9b2d58ce4ab849b3973d1eb024d9227aa8200caa9348b3313b3d43ea5c66bdd5e582d0b2e24fa64b672afe7361025c3
SSDEEP

49152:OQJ3vdwlU0AP5kdYTDuvFFrj1qWsWG9Adva5yheSWYJ0q:74U0AP5GYTMFFrc0va5yheSWYJ0q

Score

10^/10

strela spyware stealer upx

Static task

static1

4 signatures

Behavioral task

behavioral1

Sample

3e1b475608a0f58b4f611025edbcb99b_JaffaCakes118.exe

Resource

win7-20240708-en

strela stealer upx

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

3e1b475608a0f58b4f611025edbcb99b_JaffaCakes118.exe

Resource

win10v2004-20240709-en

strela spyware stealer upx

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  3e1b475608a0f58b4f611025edbcb99b_JaffaCakes118
- Size
  
  5.4MB
- MD5
  
  3e1b475608a0f58b4f611025edbcb99b
- SHA1
  
  987e3e93bd65b4e17d341fe2c7986fa596249b33
- SHA256
  
  ef5a4eb40733a378ba1dbfdeeecbcd0ba776d1fe7c293a703ee1431cc2a5f248
- SHA512
  
  67acaf217150b3a073018c83614c61e8c9b2d58ce4ab849b3973d1eb024d9227aa8200caa9348b3313b3d43ea5c66bdd5e582d0b2e24fa64b672afe7361025c3
- SSDEEP
  
  49152:OQJ3vdwlU0AP5kdYTDuvFFrj1qWsWG9Adva5yheSWYJ0q:74U0AP5GYTMFFrc0va5yheSWYJ0q
Score

10^/10

strela stealer upx spyware
- Detects Strela Stealer payload
- Strela stealer
  An info stealer targeting mail credentials first seen in late 2022.
  stealer strela
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

strelastealerupx

behavioral2

strelaspywarestealerupx

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.