Analysis
max time kernel: 147s
max time network: 156s
platform: windows10-2004_x64
resource: win10v2004-20240709-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240709-en, locale:en-us, os:windows10-2004-x64, system
submitted: 13/07/2024, 08:34 UTC
Tasks
Task type        Task          Sample    Resource
Static task      static1
Behavioral task  behavioral1   1500.dll  win7-20240705-en
Behavioral task  behavioral2   1500.dll  win10v2004-20240709-en
Behavioral task  behavioral3   1501.dll  win7-20240708-en
Behavioral task  behavioral4   1501.dll  win10v2004-20240709-en
Behavioral task  behavioral5   1502.dll  win7-20240708-en
Behavioral task  behavioral6   1502.dll  win10v2004-20240709-en
Behavioral task  behavioral7   1503.dll  win7-20240704-en
Behavioral task  behavioral8   1503.dll  win10v2004-20240709-en
Behavioral task  behavioral9   1504.dll  win7-20240705-en
Behavioral task  behavioral10  1504.dll  win10v2004-20240709-en
Behavioral task  behavioral11  1505.dll  win7-20240708-en
Behavioral task  behavioral12  1505.dll  win10v2004-20240709-en
Behavioral task  behavioral13  1506.dll  win7-20240704-en
Behavioral task  behavioral14  1506.dll  win10v2004-20240709-en
Behavioral task  behavioral15  1507.dll  win7-20240705-en
Behavioral task  behavioral16  1507.dll  win10v2004-20240709-en
Behavioral task  behavioral17  1508.dll  win7-20240708-en
Behavioral task  behavioral18  1508.dll  win10v2004-20240709-en
Behavioral task  behavioral19  1509.dll  win7-20240704-en
Behavioral task  behavioral20  1509.dll  win10v2004-20240709-en
Behavioral task  behavioral21  1510.dll  win7-20240704-en
Behavioral task  behavioral22  1510.dll  win10v2004-20240709-en
Behavioral task  behavioral23  1511.dll  win7-20240708-en
Behavioral task  behavioral24  1511.dll  win10v2004-20240709-en
Behavioral task  behavioral25  1512.dll  win7-20240708-en
Behavioral task  behavioral26  1512.dll  win10v2004-20240704-en
Behavioral task  behavioral27  1513.dll  win7-20240705-en
Behavioral task  behavioral28  1513.dll  win10v2004-20240709-en
Behavioral task  behavioral29  1514.dll  win7-20240705-en
Behavioral task  behavioral30  1514.dll  win10v2004-20240709-en
Behavioral task  behavioral31  1515.dll  win7-20240704-en
General
Target: 1500.dll
Size: 126KB
MD5: 98809c4402c0cfdf54a144b35799c8a3
SHA1: dff3c8414224c7d4941c2d552378d0313d708d3a
SHA256: e777137eeecba87788899ec5746f46ecf3c3210f700586d7f36fa0cf6e39f385
SHA512: 783b81bbbde3c1b9603a233e018d3f932f0c4a9e3849e223577842789f63bc13bad89226fd7c2990cb2396f631bba78b6d0f8dcbf911dcab2a436015bbc0d306
SSDEEP: 1536:d2TqgUjdhXFygjM5j8t4dYMlEhb4fpQv9NYZSVdm0tLthoxm5FajpW2EQWEX9DwB:IVyKg45Dd9lcbkQgZSVUK5zF2X9DG
Malware Config
Extracted
strela
45.9.74.32
url_path: /out.php
user_agent: Mozilla/4.0 (compatible)
Signatures
Processes
Network