Overview

overview

10

Static

static

3

1500.dll

windows7-x64

10

1500.dll

windows10-2004-x64

10

1501.dll

windows7-x64

10

1501.dll

windows10-2004-x64

10

1502.dll

windows7-x64

10

1502.dll

windows10-2004-x64

10

1503.dll

windows7-x64

10

1503.dll

windows10-2004-x64

10

1504.dll

windows7-x64

10

1504.dll

windows10-2004-x64

10

1505.dll

windows7-x64

10

1505.dll

windows10-2004-x64

10

1506.dll

windows7-x64

10

1506.dll

windows10-2004-x64

10

1507.dll

windows7-x64

10

1507.dll

windows10-2004-x64

10

1508.dll

windows7-x64

10

1508.dll

windows10-2004-x64

10

1509.dll

windows7-x64

10

1509.dll

windows10-2004-x64

10

1510.dll

windows7-x64

10

1510.dll

windows10-2004-x64

10

1511.dll

windows7-x64

10

1511.dll

windows10-2004-x64

10

1512.dll

windows7-x64

10

1512.dll

windows10-2004-x64

10

1513.dll

windows7-x64

10

1513.dll

windows10-2004-x64

10

1514.dll

windows7-x64

10

1514.dll

windows10-2004-x64

10

1515.dll

windows7-x64

10

1515.dll

windows10-2004-x64

10

Analysis

  • max time kernel
    145s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    13-07-2024 08:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1509.dll

  • Size

    125KB

  • MD5

    7cdfb9dda218427946183a4de4344898

  • SHA1

    5d966502b0327b69912649c6a8c20b56af96dfaa

  • SHA256

    946e821dd86f5c0472c7a7c8ddd52a3a98822ff0aedd359d3a46d729d38d7997

  • SHA512

    359422563808b4b80d06d6dae9098fe0fd25b5e587c1b3cf4767258d582791a1362a80841f1529804de60abd7a862ab543093ae1e5125a83af617e825ae505ee

  • SSDEEP

    3072:Q2hjWeg9L5EIQOeHZCAt5t6wP8B75J1KF:Q8j89NDQOoAIt6wPo7z1K

Score
10/10
strelastealer

Malware Config

Extracted

Family

strela

C2

45.9.74.32

Attributes
  • url_path

    /out.php

  • user_agent

    Mozilla/4.0 (compatible)

Signatures

  • Detects Strela Stealer payload 2 IoCs
  • Strela stealer

    An info stealer targeting mail credentials first seen in late 2022.

    stealerstrela

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\1509.dll,#1
    1⤵
      PID:4020

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4020-0-0x000001D5BDF00000-0x000001D5BDF22000-memory.dmp

      Filesize

      136KB

      Download

    • memory/4020-1-0x000001D5BDF00000-0x000001D5BDF22000-memory.dmp

      Filesize

      136KB

      Download