strela | 71fd19475963a445fb78371449bbd162b01c0df663be3d0214dcbf731e695eb7

Analysis

max time kernel
93s
max time network
96s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
14/07/2024, 22:04

Target

2ca93d172d0e79b821ae68a04d943cd0N.dll
Size

124KB
MD5

2ca93d172d0e79b821ae68a04d943cd0
SHA1

10d5d4bbc13d5bb28ebe8f6f3e093717c0683cb5
SHA256

71fd19475963a445fb78371449bbd162b01c0df663be3d0214dcbf731e695eb7
SHA512

67b76d44224d3b4d57b085d346e5d9a4af605513894678694208ba1aa0f14f1ce599f12311286bd4a5af5331e17bd20193c505e7243f5359eb5562411f948889
SSDEEP

3072:MCNkvLLB0zJ6j+39YS9LLMjxe1nvSw73MFQfsa1:MCSvLgJv3aSZMjxeF33Lfsa1

Score

10^/10

strela stealer

Family

strela

45.9.74.32

Attributes

Detects Strela Stealer payload 1 IoCs

resource	yara_rule
behavioral2/memory/3168-0-0x000001EC6FD70000-0x000001EC6FD92000-memory.dmp	family_strela

Strela stealer
An info stealer targeting mail credentials first seen in late 2022.
stealer strela

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\2ca93d172d0e79b821ae68a04d943cd0N.dll,#1
1⤵
PID:3168

memory/3168-0-0x000001EC6FD70000-0x000001EC6FD92000-memory.dmp

Filesize
136KB

Download