Resubmissions

  13-07-2024 11:14   240713-ncevfazhpa   10
  13-07-2024 10:54   240713-mzz88axhkm   3

General

  • Target

    strelasmb.zip

  • Size

    495.0MB

  • Sample

    240713-ncevfazhpa

  • MD5

    e2df23506b3c378545896eef554832e2

  • SHA1

    857147cf934d73ad0ca26982b362394f2ed3a72e

  • SHA256

    bd75fe8c744f1276f42229065c281463a34ae29b4c4afe9b1045a263a11c4103

  • SHA512

    4c7ed5acb0e6715321cd2b6f889d44f418d26eb40d6601b1715ae7b4feb68741bacea10a04a200887939a0df85029b52fe3ac1b35d8eaa52d94c3bf96a1152b4

  • SSDEEP

    6291456:awItYUVNvn6EuHWGQCtaPwyaWI8mA4j/GcN5berj+Ly6WsWMVh9cqk5Sjls4qavB:5Iu5HoNYyaUcnwDRcIqk5GK4Wc

Score
10/10

Malware Config

Extracted

Family

strela

C2

45.9.74.32

Attributes

  • url_path

    /out.php

  • user_agent

    Mozilla/4.0 (compatible)

Targets

    • Target

      970.dll

    • Size

      126KB

    • MD5

      230811b85eeca39981c5ca4154ce2407

    • SHA1

      f38e1690b13f0b45f7c7b84c5ead91149e624134

    • SHA256

      81b4baab148318a026481b847df598e96296e530368a01b18bcf0a5e3be0ce2e

    • SHA512

      7755a17bed8e69f4246fb26e133db3e9cace49347f92abe9d915523fc9d34a85507a4eefc170e334605868ba22fbb390908fa2df7d9ee0065d95495d594543ac

    • SSDEEP

      3072:bVvqWtyjjgljM5OSRX65jby2HhRGOlEroASHOqp+j24i:bVlo8MRRX+/xHhNIilP

    • Score

      10/10

    • Detects Strela Stealer payload

    • Strela stealer

      An info stealer targeting mail credentials first seen in late 2022.

    • Target

      971.dll

    • Size

      124KB

    • MD5

      c0e559bc1ed96532c24de807f21ede23

    • SHA1

      a22b5d048d4aa02d6a0a31a605abf6421d661fc4

    • SHA256

      351edd8cf2f5a1d958e750db10837f7f9bd7d8eefb4ae30a7b44571400db3ef4

    • SHA512

      86ed6ee0d0e1d472cbebe8a3337975fdbad300329aa166e8ef9b28bb34b8b5b23a19ebf05aa7195b804a48baa9e574dd0d362d0bea8d615d718535d8718dd610

    • SSDEEP

      3072:4+ZDhLeoLD3rQ2/iMPW6JgjPq9K07qH5vq9f:jquDIIWt+q

    • Score

      10/10

    • Detects Strela Stealer payload

    • Strela stealer

      An info stealer targeting mail credentials first seen in late 2022.

    • Target

      972.dll

    • Size

      122KB

    • MD5

      04aec3a5d37f63237ca966cded8deae0

    • SHA1

      ec94cb884c266952032513454f0846837f929e75

    • SHA256

      0590da5914777ce369d62b2f1dbf7064a53093aa99cc3b3bb17abdbc686d562b

    • SHA512

      5e3e2e06473797c25b1839c01624143d1301c70b743032fd2c60994783a934fa95d84bec679f512641e9541c0f743a558ade70db3ea204e28a560984cea84730

    • SSDEEP

      3072:zB0Rsm1ZfEWcMgwZnqhkZwKiilRP9PF7F7WNP:GRHfE2gwpZZwK7PZWV

    • Score

      10/10

    • Detects Strela Stealer payload

    • Strela stealer

      An info stealer targeting mail credentials first seen in late 2022.

    • Target

      973.dll

    • Size

      123KB

    • MD5

      87ac86623e96d673472e838b3bc48e33

    • SHA1

      035b8dd39473fffb0869e5b7829248c8981eae9d

    • SHA256

      37601fb25945d5f447c47f82f9da282b01e37a8c3f8a7d1c60d5cb897df83557

    • SHA512

      99acca21544ed3ea9a89d6c4753a6e60197ffb7146d531d0adda798b5e2157934a168e454e35e66e8145386b1ea2a9bb455ab3b9440ab5446d051fa1b4860891

    • SSDEEP

      3072:a2P3pGOntvREZxgNb546z2gU+IODKZQS9YeSbSD7JV:PP3pGOnt+ZxStTEWUQ0Y4D3

    • Score

      10/10

    • Detects Strela Stealer payload

    • Strela stealer

      An info stealer targeting mail credentials first seen in late 2022.

    • Target

      974.dll

    • Size

      124KB

    • MD5

      a17d52191d396362580d72e265bdcfa1

    • SHA1

      fa4cbe9136d09cd6edfda53d5c987adcaefe8a37

    • SHA256

      034384403472d88a5c383905be0426b4dafd45c8166c3f962b67a7cdacc48bd0

    • SHA512

      8ca4c00491da5cc3506c860bf825073347998317f238cd927627d027573a5f5b15e85dfe4dbff4ac6eaba1160a9b0d9a5ac7d4861dce04e844e794d47ca97f74

    • SSDEEP

      3072:Ik0jlB6BiQR9z9XNbquKbeh8KOcfbCEfdV2Q0urNDp:+EiQ/z9XIgh8KOcfbC+h

    • Score

      10/10

    • Detects Strela Stealer payload

    • Strela stealer

      An info stealer targeting mail credentials first seen in late 2022.

    • Target

      975.dll

    • Size

      123KB

    • MD5

      93300000f2567036a2b500addd07c69e

    • SHA1

      86f1fdb04e71849c8e2bbc4a1f34f213c69bac09

    • SHA256

      ece3eaf03fed347c4f12bd04d30150b4168670ebb4a8b5be518e9112bf1d385e

    • SHA512

      37429d0cbdbcb7405594da1da2a97faae2a90fc58bfbdd84edf1465cb7c72cc7627730b5672ca0c136330f568ec568338ab041501663f912d90ecc75dfe8fac2

    • SSDEEP

      3072:YELLsUp8tzZHXtChW6ran0T0SRu/6A93/gBhmYHU:YE+tzZ3t6xro0oSRuAhrU

    • Score

      10/10

    • Detects Strela Stealer payload

    • Strela stealer

      An info stealer targeting mail credentials first seen in late 2022.

    • Target

      976.dll

    • Size

      124KB

    • MD5

      40764f8fdd6483998f904a53acd90202

    • SHA1

      390a285e32195f6d0b44f073c16044da50c3e72c

    • SHA256

      c1e9827b44b24bbdca06cbba266795c5943fd22079dcc0d6af042215569848ca

    • SHA512

      cb0c98bfd582c73cd50ba46aad04331004e9ad56eda1634ab8a42bbe0e3fbca02db3bbc0dc33a1207c9a21aa3204f9db05838f967ea2b8a5b22e5cf2915a6b82

    • SSDEEP

      3072:j/F9ZUgQgBWSUYlL0nbJcv4MZXsxY9JUvP38nBgessBQmc9d:VBWhYZGWAMZX6YnBgeyl9d

    • Score

      10/10

    • Detects Strela Stealer payload

    • Strela stealer

      An info stealer targeting mail credentials first seen in late 2022.

    • Target

      977.dll

    • Size

      124KB

    • MD5

      ea6b5481b7aac8197f01165fd064bba0

    • SHA1

      6f33f8c5d2f384d31bd4fcda96c056a1151232bd

    • SHA256

      0a690b97ed5ab6a548cec81f5a632c80fcedde6fc7f26d126363dc8924c969fe

    • SHA512

      1741c4726cd6ad03a448221a32b9443f76bf91ad0ae4e189ebd53902aec2ac3a9a7f112694496b98d33c043761953aa3512cc4d950b58f56f95f263450d32a4a

    • SSDEEP

      3072:2UxRet7AyQj0cx3zJOqCNVy9s6fCZ1U2nIR:uTcVzJO9nm

    • Score

      10/10

    • Detects Strela Stealer payload

    • Strela stealer

      An info stealer targeting mail credentials first seen in late 2022.

    • Target

      978.dll

    • Size

      124KB

    • MD5

      2e6ee17ccac73f7eb78c142bdf448fff

    • SHA1

      9021a76b4ea4abe486665f33deb5adcb34b48c05

    • SHA256

      c13948fa3a7b64159ae691d5dff0847cda6e1bc52c31b8a11e63320f2fa728f9

    • SHA512

      a1059fd154bed60ef8129e98783529630d219ae6e7e14916ccf878617fbcc38a1dfc91c5ebc13eb08c0dcf2cc1390a21dc2478303c2f22ab93b32ca10a70b8f8

    • SSDEEP

      3072:Tlp2+4zuCiEnggSa21LcEXeac3ykRBnKtdEZZfYo:RpB4zuCiD7tc05c7Q3KfY

    • Score

      10/10

    • Detects Strela Stealer payload

    • Strela stealer

      An info stealer targeting mail credentials first seen in late 2022.

    • Target

      979.dll

    • Size

      123KB

    • MD5

      3c082afe91746fa8f6744914876c0438

    • SHA1

      73161be270e76ad9d7f27aa477818933e5f1dc6b

    • SHA256

      cbb20824b496197ab432d89ece2b72767eb34a25e5776d13abaae07e2fc58bcb

    • SHA512

      ce31b31f7fd5c8e5c193eadda8bb93695071d302563710d15d29a52b094ddfb8119c58125a75c27f911451a17a4ea589322c6c7b0f017dd0527d3784eff5457f

    • SSDEEP

      1536:Pu55gmjFmFZtHi8FhtBQEocWScqzroqovg/O5NZDKWRYrey2YxLEl0xXnSEOzw0g:WFFmFZNFPFocWSjHoqoUOThBmrmkSEh

    • Score

      10/10

    • Detects Strela Stealer payload

    • Strela stealer

      An info stealer targeting mail credentials first seen in late 2022.

    • Target

      98.dll

    • Size

      124KB

    • MD5

      cfac3393711c2f8cffe9a49bc3d1b64b

    • SHA1

      8beaea638fd20c857f114530296f037f15586352

    • SHA256

      c4cfd311c0f2999f570bf3c237eb14de6aa0f8c6b0756ecd58c34f5c934c5a58

    • SHA512

      fb34a6e619a473fb43516f1c965787527b37389a61470e5d21bc8b1150759e486dea00d362f35e5d57f8c644b41b95014fc33cd6bd5eb3dbbb25b7400321c6da

    • SSDEEP

      3072:qZi6OvBmFEViFRdHifmnJNUY5LpWJq8NTQslmEelh+UZ:qc9BuYibdHwmjWq6QGU

    • Score

      10/10

    • Detects Strela Stealer payload

    • Strela stealer

      An info stealer targeting mail credentials first seen in late 2022.

    • Target

      980.dll

    • Size

      125KB

    • MD5

      bba1f2e12173a0aec074bc42acfa3603

    • SHA1

      1afbadabe105e410d6946739981fa711a6a09ea7

    • SHA256

      da4de6fc66b5adc32cc1ff25ee0cd8794b2a5f3d0ef523eaa092e8b8c1344d07

    • SHA512

      ec66d0b98707cf642d57fab5a2fece4c7567186ab271c930c2b41f4540b0db16990a5e5cdcbabfeb76e98b59de9703da23f5c3a7fdb908151619a274aa89afbd

    • SSDEEP

      3072:VD2GKGHjrkgfF+/w4qmEog4D+bwZfHxk+1560/oDsFrr:XHjrkTw48oZDkwZfH62ZAD4r

    • Score

      10/10

    • Detects Strela Stealer payload

    • Strela stealer

      An info stealer targeting mail credentials first seen in late 2022.

    • Target

      981.dll

    • Size

      123KB

    • MD5

      5eae0878d9cdefba5cf6168d0c1d2213

    • SHA1

      b357c46f64cfdd1b321b98c867b1b456e0f63103

    • SHA256

      2d33f645745747a504f2fd7f9ca86323895552486922d1ec575ffb4194fef902

    • SHA512

      798fb6cee5282ba8525ae5f88344b207fab3d0da03e1310e356cfd9a0397976aee26d0212b05a9b5dae62d7b47553a3fa80b44f200b64d51c8f72124b36b2485

    • SSDEEP

      1536:uq8qyeJH3Kze1ku3sNquBp3r6jrLamHzBS3EaGnsffs9b17U3+L4MlzvyZflNMzj:2e/1V3sN5p3r6nLam80aMSfMbyM

    • Score

      10/10

    • Detects Strela Stealer payload

    • Strela stealer

      An info stealer targeting mail credentials first seen in late 2022.

    • Target

      982.dll

    • Size

      123KB

    • MD5

      f62c749647521d8504411cf6f6e29fdf

    • SHA1

      d162c28a01741d482895b55957b5bfceebeb7f13

    • SHA256

      6d6f4a9cdb2d48208cb8b048347537758392ee79207e52ea68ff0f1e521f0f41

    • SHA512

      7ddf91b88393a0432205f23308433d041a72bd1e2c776a16ec7f359c9eab3fb732562c9a9a0f0790c84106a3420165f5ff651741e81d4c966fcc93dc7802c7f9

    • SSDEEP

      3072:lQjg2vQZZczfFEiC38hSFvM2A65F9jz93ZTbV:og2vQZGz3QJ/TbV

    • Score

      10/10

    • Detects Strela Stealer payload

    • Strela stealer

      An info stealer targeting mail credentials first seen in late 2022.

    • Target

      983.dll

    • Size

      123KB

    • MD5

      8367687d479ea4d71e74410a426c37a2

    • SHA1

      3677bb17775d2f9536d13a04a0457d703e0a1409

    • SHA256

      ef48521a1f0fe87d51e91efa5b5d104c32eb058c498d373e07844e0308a9ad67

    • SHA512

      164524d76338a906f4934ffb035dd40f77dd120bf8f6f1ea4eb96c4b7b0aedfced38f761b8d217fe3af3915db3388162234ea3804966d8b502095022c05d0fe5

    • SSDEEP

      3072:ha5865DrRNwgX34HosbWT5zne4pJ/ak7:haa6VTBYIsbmVJ/a

    • Score

      10/10

    • Detects Strela Stealer payload

    • Strela stealer

      An info stealer targeting mail credentials first seen in late 2022.

    • Target

      984.dll

    • Size

      124KB

    • MD5

      61f5c6297292b05b74d20abe5736bd0f

    • SHA1

      576a7055bb08e75f61d2707bcd8dd9f716c5eee6

    • SHA256

      95abde1107b4d8e65089a736dceadbab7c40ecee8c680dea6d6afa2a584607a2

    • SHA512

      824a3dc882e371e1f5a04f84ded66a72197da75f6b7b7a55fac0762b416c4e4640bdb48695e3cfcdb74287df57ec29ad1696dd7590a4ef33289140a5cdaa2b87

    • SSDEEP

      3072:8+BFlwf4ZBEqSUwwqw50Nec8fApk9I/cC+VI:80KfiWxfz84+IEC+VI

    • Score

      10/10

    • Detects Strela Stealer payload

    • Strela stealer

      An info stealer targeting mail credentials first seen in late 2022.

Tasks

  Task           Family          Score
  static1                        3/10
  behavioral1    strelastealer   10/10
  behavioral2    strelastealer   10/10
  behavioral3    strelastealer   10/10
  behavioral4                    1/10
  behavioral5    strelastealer   10/10
  behavioral6    strelastealer   10/10
  behavioral7    strelastealer   10/10
  behavioral8    strelastealer   10/10
  behavioral9    strelastealer   10/10
  behavioral10   strelastealer   10/10
  behavioral11   strelastealer   10/10
  behavioral12   strelastealer   10/10
  behavioral13   strelastealer   10/10
  behavioral14   strelastealer   10/10
  behavioral15   strelastealer   10/10
  behavioral16   strelastealer   10/10
  behavioral17   strelastealer   10/10
  behavioral18   strelastealer   10/10
  behavioral19   strelastealer   10/10
  behavioral20   strelastealer   10/10
  behavioral21   strelastealer   10/10
  behavioral22   strelastealer   10/10
  behavioral23   strelastealer   10/10
  behavioral24   strelastealer   10/10
  behavioral25   strelastealer   10/10
  behavioral26   strelastealer   10/10
  behavioral27   strelastealer   10/10
  behavioral28   strelastealer   10/10
  behavioral29   strelastealer   10/10
  behavioral30   strelastealer   10/10
  behavioral31   strelastealer   10/10
  behavioral32   strelastealer   10/10