General

  • Target

    198307a2352f8cdd31329a539d128b00N.exe

  • Size

    288KB

  • Sample

    240714-zg5gfatdql

  • MD5

    198307a2352f8cdd31329a539d128b00

  • SHA1

    e9e3b72bbe30556be62b429482e7bcd60561c1e3

  • SHA256

    3a852f5bb0362fe1d3918e2297ca6b2927254f98a11019ba4def79398686e526

  • SHA512

    c1fde6c283055bd350e86cbd12daa3b2573d7c651b8ef144437e404a1907414b1d37cf376e6d85c86b49a84c39525b2bd827af9bb79c4ae9175dbd30045caa5d

  • SSDEEP

    3072:UBkE4PtHbv06s+W4uQKB1S3csrVvMi3fF4KhXpmYJd4a5sDSloDbHvRUB:UBkE4Pt7FsD4uQosBkkphJ/SSlqUB

Score
10/10

Malware Config

Extracted

Family

strela

C2

45.9.74.176

Attributes
  • url_path

    /server.php

  • user_agent

    Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537

Targets

    • Target

      198307a2352f8cdd31329a539d128b00N.exe

    • Size

      288KB

    • MD5

      198307a2352f8cdd31329a539d128b00

    • SHA1

      e9e3b72bbe30556be62b429482e7bcd60561c1e3

    • SHA256

      3a852f5bb0362fe1d3918e2297ca6b2927254f98a11019ba4def79398686e526

    • SHA512

      c1fde6c283055bd350e86cbd12daa3b2573d7c651b8ef144437e404a1907414b1d37cf376e6d85c86b49a84c39525b2bd827af9bb79c4ae9175dbd30045caa5d

    • SSDEEP

      3072:UBkE4PtHbv06s+W4uQKB1S3csrVvMi3fF4KhXpmYJd4a5sDSloDbHvRUB:UBkE4Pt7FsD4uQosBkkphJ/SSlqUB

    Score
    10/10

    • Detects Strela Stealer payload

    • Strela stealer

      An info stealer targeting mail credentials, first seen in late 2022.
