Overview

overview

10

Static

static

3

2500.dll

windows7-x64

10

2500.dll

windows10-2004-x64

10

2501.dll

windows7-x64

10

2501.dll

windows10-2004-x64

10

2502.dll

windows7-x64

10

2502.dll

windows10-2004-x64

10

2503.dll

windows7-x64

10

2503.dll

windows10-2004-x64

10

2504.dll

windows7-x64

10

2504.dll

windows10-2004-x64

10

2505.dll

windows7-x64

10

2505.dll

windows10-2004-x64

10

2506.dll

windows7-x64

10

2506.dll

windows10-2004-x64

10

2507.dll

windows7-x64

10

2507.dll

windows10-2004-x64

10

2508.dll

windows7-x64

10

2508.dll

windows10-2004-x64

10

2509.dll

windows7-x64

10

2509.dll

windows10-2004-x64

10

2510.dll

windows7-x64

10

2510.dll

windows10-2004-x64

10

2511.dll

windows7-x64

10

2511.dll

windows10-2004-x64

1

2512.dll

windows7-x64

10

2512.dll

windows10-2004-x64

10

2513.dll

windows7-x64

10

2513.dll

windows10-2004-x64

10

2514.dll

windows7-x64

10

2514.dll

windows10-2004-x64

1

2515.dll

windows7-x64

10

2515.dll

windows10-2004-x64

10

Analysis

  • max time kernel
    93s
  • max time network
    99s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    13-07-2024 11:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2515.dll

  • Size

    124KB

  • MD5

    d3a5695976435b0d8028f0ef48018aec

  • SHA1

    211af82c9ab277a726c251de5b767fcce1e358b0

  • SHA256

    53f659b44d032e18cdabf81acc327517cc68192576458a54de8ca5979f5fe676

  • SHA512

    cbfc2b11dcbd87902fa9d7e1c1a7247cb4c4a8a2819895682eb530e0901eace4320a4d707992dac6e2e094199a7d69d0d1e3f5bd0a24474733630324d4848c98

  • SSDEEP

    3072:Y320SO3w40zX58A/w1n8HquBtxSgnfl8jbBhiKhGE5DbIuJ76/:Y23O3w4Up8It1ZuJhqSfIX/

Score
10/10
strelastealer

Malware Config

Extracted

Family

strela

C2

45.9.74.32

Attributes
  • url_path

    /out.php

  • user_agent

    Mozilla/4.0 (compatible)

Signatures

  • Detects Strela Stealer payload 2 IoCs
  • Strela stealer

    An info stealer targeting mail credentials first seen in late 2022.

    stealerstrela

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\2515.dll,#1
    1⤵
      PID:4868

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4868-1-0x000001D507A30000-0x000001D507A52000-memory.dmp

      Filesize

      136KB

      Download

    • memory/4868-0-0x000001D507A30000-0x000001D507A52000-memory.dmp

      Filesize

      136KB

      Download