General

  • Target

    ca5b9d425c1293d3250611db61fb9f9781ad72c1374f0f3ec4096b687d32c5c1.zip

  • Size

    51.1MB

  • Sample

    240713-n9b5tazdrj

  • MD5

    16cc2a1cffa9c05c23b010cf69bcc786

  • SHA1

    8fd712d23aa3b49bd92ad243f736ac0d1e7b2d56

  • SHA256

    ca5b9d425c1293d3250611db61fb9f9781ad72c1374f0f3ec4096b687d32c5c1

  • SHA512

    e17ece47d2daf144eb5fe92868cada5d9c2d74e2bdaf018616505c9a3ddc6b3bccaf52da8eb6d37e35fa1547e38b9aa361311d6d54f113a22243d8ede3cc4938

  • SSDEEP

    1572864:ILHp6FDsG+MJYbQvANisQvTQ8WLqh3AaJJ6Rju6+XrWBWqVB+:IL8Fr7Jlvc8WLqhd2x5+XCBTVB+

Score
10/10

Malware Config

Extracted

Family

strela

C2

45.9.74.32

Attributes
  • url_path

    /out.php

  • user_agent

    Mozilla/4.0 (compatible)

Targets

    • Target

      3500.dll

    • Size

      124KB

    • MD5

      26912db9ada884eacda8e236e88f7942

    • SHA1

      abc974678cf9dcf55f2bd119d0793eb1fd2d7b5b

    • SHA256

      3ace0708305008a0c0a44dfb7fd05ade298d0b67a895eca9d9fc1c3dae7ae63d

    • SHA512

      0ad4e06d3e85aa0d0a68c42611d784a00a6863b35bff10cec90c47477efd617a944e249de607511f77db054042dbfa1ccda29ff86c6bfcbd23c6686e14ad9273

    • SSDEEP

      3072:MblAYez5JG2ZTfrV8IsB5Yi4VC8Zh8TB:aAjDfS3R4VCU8TB

    Score
    10/10
    • Detects Strela Stealer payload

    • Strela stealer

      An info stealer targeting mail credentials first seen in late 2022.

    • Target

      3501.dll

    • Size

      125KB

    • MD5

      c25651ac8668395b5314278688744cca

    • SHA1

      ae41faac98849346c2e0b78edc28994475d8150b

    • SHA256

      1cad3082b55b862b153289d1cc59fc99a3881381fff5bf8eeb0690344758d843

    • SHA512

      9063babfb4a5fd21757d077b87f95bb1afb4d4947f8d69cfcd39865eb9ae4042c4b59d07c093947806ebc5f477c326ab6590f521a3b97a3cb0c62e459d5bdb84

    • SSDEEP

      3072:7tIITT5ezg415RZLp5sQPL0Zeh+gWfYly:5kLH+QPQSMYly

    Score
    10/10
    • Detects Strela Stealer payload

    • Strela stealer

      An info stealer targeting mail credentials first seen in late 2022.

    • Target

      3502.dll

    • Size

      126KB

    • MD5

      5823d02ed16c36b1bd71ff8ae62b533e

    • SHA1

      698d3841842ad3479811274597da2e4e31b22a5c

    • SHA256

      45a39e975113183a99083c703755cfc4d0e18044d3d119ebb0ff1225191a8991

    • SHA512

      7a5236e22180a5f09ad356cf42a587deb5645c95414ed6395a3fb52a43ed75c3b1fab325cb23cdd507ba0cd384a0358059bab6352e90c6e9ead9e5107561b2bc

    • SSDEEP

      3072:a50OUiXGff4jjWJcLYbjQdhen+h3TszA2uoM:a5tUiqwjjWJcL88/enqjszRq

    Score
    10/10
    • Detects Strela Stealer payload

    • Strela stealer

      An info stealer targeting mail credentials first seen in late 2022.

    • Target

      3503.dll

    • Size

      124KB

    • MD5

      d86256c998159a0c167d97e50d689bbe

    • SHA1

      e9f1acffeeec8d26567e63d33ffa12b09e82bcb0

    • SHA256

      3e13be5e29109cbf586b6e5462da1e49117e7328f3c63a67013c405cf06210d8

    • SHA512

      8769b50aa4029ea6dd0dcf662ce21c768a6e64c240d5ca8eddeb02b0415b1367408753c7a031e434a61208bb95adf6b144509f8cdab958472ffefa9eb3c538e3

    • SSDEEP

      3072:CEsP4RYRtIC9IooaSo7jqYW1t33R3xgsL:CE0buyIoaJYW33B3xg

    Score
    10/10
    • Detects Strela Stealer payload

    • Strela stealer

      An info stealer targeting mail credentials first seen in late 2022.

    • Target

      3504.dll

    • Size

      124KB

    • MD5

      0de29b31eca17d5a7f55a1d3b8a75b05

    • SHA1

      9eb5ef8c6540eb631f4a3416eda8f6c779c79139

    • SHA256

      b1f994403bf659c2f2d35314105868c31ee0c3814042012fcb86fe4a88ff7e3d

    • SHA512

      ad1a31f723bce934ff3bd5d86ac87dfba693243d988832e1f173516b11457f1fc3b261fcb46ae3eba02b965b9529a0eba8306e5d54d4cf4be7addd1921e4cebf

    • SSDEEP

      3072:bwPYUYSwksrxwqVfHWsw3KkNvYRYQxOK3:bM9wkKxNfHWh3KkNvfQx

    Score
    10/10
    • Detects Strela Stealer payload

    • Strela stealer

      An info stealer targeting mail credentials first seen in late 2022.

    • Target

      3505.dll

    • Size

      126KB

    • MD5

      da3de18d50593091ee62c7918d9875d4

    • SHA1

      c9e29fea4e9e0c6d40c5ac0ca3888626cb11ab0d

    • SHA256

      5d0fb2b2bf2c8212cc3b9186fa15c9ca4b2626a224522ae80a7c98daef972f02

    • SHA512

      a53bcbf17446fba5fbb4bc71c8337e61748a44dc5945c913012e7e9256a6e24091d20c6170e39b33d934aa7d6832d21b36bc04f4e810caa84eff5f69d42dd9c9

    • SSDEEP

      3072:qvXWErFe89u3w/zgaEHP/9AXJAjXc4Ra:qvpw89ugEaEvFIcM4c

    Score
    10/10
    • Detects Strela Stealer payload

    • Strela stealer

      An info stealer targeting mail credentials first seen in late 2022.

    • Target

      3506.dll

    • Size

      124KB

    • MD5

      875af77bd19d113ee489358b41716662

    • SHA1

      64d8d2a3b15388783a77504f9cf016bf3de66a88

    • SHA256

      93f8f7dea9127f8c772279176b858394213070afde81f6886c449c32e570007b

    • SHA512

      1f70fc97947c1580b8f374d6ba6e0a3dbf23922a10451a4357eca0ba9ab4b90b3ff840e49457cc58048e9591100ba185cd52cdce2497bf44556663373a34c427

    • SSDEEP

      1536:XA6R0v8XlfdIqk7SXtZPhABv9lDXWlAcX/aqK8+LBG6fuGB11qvvyhj0GqB7pJJR:Q6R0gIxSbZAlDX8//mbviyqQt

    Score
    10/10
    • Detects Strela Stealer payload

    • Strela stealer

      An info stealer targeting mail credentials first seen in late 2022.

    • Target

      3507.dll

    • Size

      123KB

    • MD5

      9267553990e3ce8dc907cb6000c403d6

    • SHA1

      88f5bad43c8570940f254df7cf66b9fbae8b36a6

    • SHA256

      674ccaa4de7895dc919a1e666d380183fad47e037616c269166b618d0058043b

    • SHA512

      934677c64be7b4dfea9b300c578c16763c1f2d29b5a99f343fe6cfa3eff4e7ebfc3a6673038dab8b1b11a35040edb808fe052241d120e18ecf29475e579d1a80

    • SSDEEP

      3072:EtClIB0oxtHrmsQcT4Yl0+k5Jt2ztDuOnhm:EtaofQSc5JuLm

    Score
    10/10
    • Detects Strela Stealer payload

    • Strela stealer

      An info stealer targeting mail credentials first seen in late 2022.

    • Target

      3508.dll

    • Size

      124KB

    • MD5

      dc6ad8675365e3e829e4be747aa295cd

    • SHA1

      f65b4c88cd5e34aba798b37790d6a89d067a99f5

    • SHA256

      19d037a76b57623a4972be5326c147b60aad52f33b80abcdf5c137e4c159602a

    • SHA512

      91d4a35585d736e9496db6155c86d72fbb64aaa367b013031e08bfa5dadd53c8392a45c47b7b10f0127107315c4d69d48ff63a14ad3b4107b1e707225b5b2167

    • SSDEEP

      3072:ql6orFCwbU9EyCZ3cNIHC1LAFRM9+o973n6Ln/t:LorPb6yApD973

    Score
    10/10
    • Detects Strela Stealer payload

    • Strela stealer

      An info stealer targeting mail credentials first seen in late 2022.

    • Target

      3509.dll

    • Size

      125KB

    • MD5

      9490ed3673ef571816040d923f51be20

    • SHA1

      d79d0a274943d82066ba2c36f3d8f176be89d8da

    • SHA256

      a49c69bb42d3e21102275db54f60e6bdbaf5ecb8bd477e680863c9fb8ba7e435

    • SHA512

      d972a3c4b0ee975fab46944a56215693580b8144d0017d13e89398a832ccedc4ee1c396a7dbcf3a82165ecf9b94ece04a7700b4bff70fb57728ad45e2789edec

    • SSDEEP

      3072:ATS6drATtAtERpku/TAESKN2tX1M0v/jhJsMsdW:AGW6tAtERTHSoK1Zv/jps8

    Score
    10/10
    • Detects Strela Stealer payload

    • Strela stealer

      An info stealer targeting mail credentials first seen in late 2022.

    • Target

      3510.dll

    • Size

      123KB

    • MD5

      edd7247f66d7fca79ef6b6d34d461fed

    • SHA1

      699211199c94456eedaca7c25b404a0772ec6733

    • SHA256

      8aa4e50343ea413f4a564385ce86ab3e1b35a7f4753ca49a4da87cad026bb082

    • SHA512

      c997a64d9da890bad9d8ea976de826d09b535d6769d15545d59e9b80c25366338f4d4bb35173fb9705f5cf8a8602c24f700e55ff815f49139f08ea1c8122f75a

    • SSDEEP

      3072:SmAkjU1OFvg0qUBQh+tBscT9HGLE4TjPxzZXjvzd5:S3kRvgUNBsvjPhZXd

    Score
    10/10
    • Detects Strela Stealer payload

    • Strela stealer

      An info stealer targeting mail credentials first seen in late 2022.

    • Target

      3511.dll

    • Size

      125KB

    • MD5

      9aead6d0291d29c8939a5cf9e85ef4db

    • SHA1

      4be41fa7105f65d76fde6b0d8f3b5ff6cb1eac3a

    • SHA256

      15be66bed624ea5b5d381394c2b5628fbe4f1aad79e7f9ba7893dd5d65950bc8

    • SHA512

      ac63d505c6063830c7be5124f49fadebf2bdc1e5c95b50ce995b02b2f374790484baaf0f8ef8475c250c8bb776df47355ebdd6d84a7aba87278d4ecc531e4b09

    • SSDEEP

      3072:SdqIZ2wNAr6TB1yjFDR8OuJ/6WeTF4eNyHikDpu:dIPEOB1yjY/sTW8yCaA

    Score
    10/10
    • Detects Strela Stealer payload

    • Strela stealer

      An info stealer targeting mail credentials first seen in late 2022.

    • Target

      3512.dll

    • Size

      124KB

    • MD5

      7cb8c59906f4e76d28158fd11cfd79de

    • SHA1

      08f7bb5cd7b24ffda4a41475dfd4d2424a43e324

    • SHA256

      4af12910e4b2130b4c2b7d243466a23982d9a707b0da610cb92f49fb05a92433

    • SHA512

      766df79b8980a17ed16cca077c88f54e1e8111ca56a2c5be876a071578edeac697bddc0dc2dc47145ae8b49e0fc1c00517730180c8f88c4dcc190678a0b06a10

    • SSDEEP

      3072:WoEdMqxV1Haluc1rLXRW1+ElsWyz4FVGadBK6S:rEdMEpcFRoTls5z5adB

    Score
    10/10
    • Detects Strela Stealer payload

    • Strela stealer

      An info stealer targeting mail credentials first seen in late 2022.

    • Target

      3513.dll

    • Size

      125KB

    • MD5

      5f6d0197a069f38b8fe76f3f26cc01a0

    • SHA1

      9ac073779d869ef28f070cccb015b82c73c2d461

    • SHA256

      c2f02a192f71ac5ea357eec54eab001ee27a21216be2e2b41e81037f40616bf2

    • SHA512

      a7fa937252964ade5a22afa35283515f1a74c3611500a9bc8b5cf9314ad4ebf93877b54107f154505007dec074b48c04b4873bdb9dca65e1ca2e476fccc06b3b

    • SSDEEP

      3072:/6WqPB+3UkSxorDhQQm2QzwdRiEZOqVYezu/zu05SA6EM:i1+kHo5xQUvZOqVJ+z/0Ay

    Score
    10/10
    • Detects Strela Stealer payload

    • Strela stealer

      An info stealer targeting mail credentials first seen in late 2022.

    • Target

      3514.dll

    • Size

      123KB

    • MD5

      6b5864231ef2ab89315c4a51b64cc391

    • SHA1

      e539beb32def18c65f0c089420fbe9d84f70e605

    • SHA256

      d6e193e04e64a6e714b73b1d3857d636217dba102933c049b73462579dbd2fa6

    • SHA512

      6e1a1cf65413a569a262d0b052add2dcd77da7cd1a9984b18c82e9a043c861579e70718933a21315f78a2ccfd377e2752d5d8e241ac5dea6f9a815420e69d7c7

    • SSDEEP

      3072:HKdHf8iCzo/n9684qOBlYfY0uLzGjzhsLPonQ8:HKdHf80NylH0uGjNsUnf

    Score
    10/10
    • Detects Strela Stealer payload

    • Strela stealer

      An info stealer targeting mail credentials first seen in late 2022.

    • Target

      3515.dll

    • Size

      123KB

    • MD5

      c416011f5d516140c948bbd83b12e440

    • SHA1

      f831d54959f01f193cb0785a1f6d4a11465ca3ea

    • SHA256

      3ed9e3eed6ec0bc61a05fc4c9763878b55a0b6cdeb661ab1588772bf9658409c

    • SHA512

      bcc68c92a7ceb6ccff96dcf0c32f933253d87f4555e07ee3caa2362896fe29d053682b0c18083a1314671eafa7c9bab8531a4709c9bb0223b79903e579e6139e

    • SSDEEP

      3072:pBw4mlftchL4h8wKjF+BTMVxbDk8F5i1EY:7w9zch0+Bbv5Xi1E

    Score
    10/10
    • Detects Strela Stealer payload

    • Strela stealer

      An info stealer targeting mail credentials first seen in late 2022.

Tasks

static1

Score
3/10

behavioral1

strelastealer
Score
10/10

behavioral2

strelastealer
Score
10/10

behavioral3

strelastealer
Score
10/10

behavioral4

strelastealer
Score
10/10

behavioral5

strelastealer
Score
10/10

behavioral6

strelastealer
Score
10/10

behavioral7

strelastealer
Score
10/10

behavioral8

strelastealer
Score
10/10

behavioral9

strelastealer
Score
10/10

behavioral10

strelastealer
Score
10/10

behavioral11

strelastealer
Score
10/10

behavioral12

strelastealer
Score
10/10

behavioral13

strelastealer
Score
10/10

behavioral14

strelastealer
Score
10/10

behavioral15

strelastealer
Score
10/10

behavioral16

strelastealer
Score
10/10

behavioral17

strelastealer
Score
10/10

behavioral18

strelastealer
Score
10/10

behavioral19

strelastealer
Score
10/10

behavioral20

strelastealer
Score
10/10

behavioral21

strelastealer
Score
10/10

behavioral22

strelastealer
Score
10/10

behavioral23

strelastealer
Score
10/10

behavioral24

strelastealer
Score
10/10

behavioral25

strelastealer
Score
10/10

behavioral26

strelastealer
Score
10/10

behavioral27

strelastealer
Score
10/10

behavioral28

strelastealer
Score
10/10

behavioral29

strelastealer
Score
10/10

behavioral30

strelastealer
Score
10/10

behavioral31

strelastealer
Score
10/10

behavioral32

strelastealer
Score
10/10