Analysis

  • max time kernel
    15s
  • max time network
    19s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    15/07/2024, 03:14 UTC

General

  • Target

    6eae5da4986feb5b0a2072da19199180N.dll

  • Size

    128KB

  • MD5

    6eae5da4986feb5b0a2072da19199180

  • SHA1

    be1d657bb8d1445b8e7ad3d2af5831322c6e091d

  • SHA256

    55631a3bf8ab4443946e456931a045cd2677cae52c60ced11bd047f70cd60584

  • SHA512

    22b3aa6338bf823bb39549f2b02eb1c7fe637cc6b7cc1844c7f2dab454ef657632a516e6df7be213a1037aa0d6a6e0b0f55668d889b16fcf6687397866322fdf

  • SSDEEP

    3072:8TJ1MtmOB7/RaTrLGSapv9ahgY0hbrSD:8t1Mt7Za+jpv2Ahb

Score
10/10

Malware Config

Extracted

Family

strela

C2

45.9.74.32

Attributes
  • url_path

    /out.php

  • user_agent

    Mozilla/4.0 (compatible)

Signatures

  • Detects Strela Stealer payload 1 IoCs
  • Strela stealer

    An info stealer targeting mail credentials first seen in late 2022.

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\6eae5da4986feb5b0a2072da19199180N.dll,#1
    1⤵
      PID:2468

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2468-0-0x0000000001D00000-0x0000000001D22000-memory.dmp

      Filesize

      136KB

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.