Analysis

  • max time kernel
    122s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
  • submitted
    13/07/2024, 12:05 UTC

General

  • Target

    3511.dll

  • Size

    125KB

  • MD5

    9aead6d0291d29c8939a5cf9e85ef4db

  • SHA1

    4be41fa7105f65d76fde6b0d8f3b5ff6cb1eac3a

  • SHA256

    15be66bed624ea5b5d381394c2b5628fbe4f1aad79e7f9ba7893dd5d65950bc8

  • SHA512

    ac63d505c6063830c7be5124f49fadebf2bdc1e5c95b50ce995b02b2f374790484baaf0f8ef8475c250c8bb776df47355ebdd6d84a7aba87278d4ecc531e4b09

  • SSDEEP

    3072:SdqIZ2wNAr6TB1yjFDR8OuJ/6WeTF4eNyHikDpu:dIPEOB1yjY/sTW8yCaA

Score
10/10

Malware Config

Extracted

Family

strela

C2

45.9.74.32

Attributes
  • url_path

    /out.php

  • user_agent

    Mozilla/4.0 (compatible)

Signatures

  • Detects Strela Stealer payload (1 IoC)
  • Strela stealer

    An info stealer targeting mail credentials first seen in late 2022.

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\3511.dll,#1
      PID:1072

    Downloads

    • memory/1072-0-0x0000000001E90000-0x0000000001EB2000-memory.dmp

      Filesize

      136KB
