Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240705-en -
resource tags
arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system -
submitted
15/07/2024, 05:34 UTC
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
903783a8bd91555b5ee3406afb36ddd0N.dll
Resource
win7-20240705-en
2 signatures
120 seconds
General
-
Target
903783a8bd91555b5ee3406afb36ddd0N.dll
-
Size
283KB
-
MD5
903783a8bd91555b5ee3406afb36ddd0
-
SHA1
160c4fa48028feacc133b33197ce256554a626ec
-
SHA256
13262575641c6a3e7bf49c398aebb3f3161ac82dc01aa20212d240568dc1b7c8
-
SHA512
a75a7ce6f48d3aea7a6b69dda95673b0e68049ec9c1f20ed5e3c97cc605c955c443f3c6a2a6ba9824a6cf83cd31ab8ec1e5d0d32cd8e32efb87de0f761e5f264
-
SSDEEP
6144:zSFgFKbLMiyhvsrcMt7h6x0YYhbe1Ozm/YiWCCP9l+79INgpAs7R6TdC3icRkUB:zSFgFKbLMRhUqQRuys7RCd1cR/B
Malware Config
Extracted
Family
strela
C2
45.9.74.176
Attributes
-
url_path
/server.php
-
user_agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537
Signatures
-
Detects Strela Stealer payload 3 IoCs
resource yara_rule behavioral1/memory/1056-0-0x00000000003E0000-0x0000000000402000-memory.dmp family_strela behavioral1/memory/1056-2-0x00000000003E0000-0x0000000000402000-memory.dmp family_strela behavioral1/memory/1056-1-0x000007FEF73C0000-0x000007FEF740E000-memory.dmp family_strela