Analysis

  • max time kernel
    147s
  • max time network
    152s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240709-en
  • resource tags
    arch:x64, arch:x86, image:win11-20240709-en, locale:en-us, os:windows11-21h2-x64, system
  • submitted
    15/07/2024, 11:59 UTC

General

  • Target

    cf5d0e6d15dd0a48b15dec62cad775a24d9b088e16e0de327fd5ca7f426cbf09.dll

  • Size

    124KB

  • MD5

    2b95cec0a68e2eec104963cf2536e298

  • SHA1

    2500e2655ae82eded16a9462d104a6921a1bedab

  • SHA256

    cf5d0e6d15dd0a48b15dec62cad775a24d9b088e16e0de327fd5ca7f426cbf09

  • SHA512

    dbfed76f86df64c2ffe009a1d9d50ec71cd81ead0234007ca935e7ff115b5f993985018d37560e9f128094e4e8cbf33bafabee43e40aa772184a2eb18ea5d466

  • SSDEEP

    3072:zSkK++WmvD8P2mC8XKT+e1RWx2Rq9h6v6lor+:zSklm7874+G66v6+r+

Score
10/10

Malware Config

Extracted

Family

strela

C2

45.9.74.32

Attributes
  • url_path

    /out.php

  • user_agent

    Mozilla/4.0 (compatible)

Signatures

  • Detects Strela Stealer payload (1 IoC)
  • Strela stealer

    An info stealer targeting mail credentials, first seen in late 2022.

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\cf5d0e6d15dd0a48b15dec62cad775a24d9b088e16e0de327fd5ca7f426cbf09.dll,#1
    PID: 3180

    Network

    • 52.111.236.21:443
      322 B
      7

    No HTTP requests or DNS queries were recorded. The only flow in the capture is to 52.111.236.21:443; no connection to the extracted C2 45.9.74.32 appears during the run, so the C2 indicator comes from the extracted configuration rather than from observed traffic.
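The extracted configuration (C2 address, URL path, user-agent) and the rundll32 command line in the process tree are the actionable indicators in this report. The following is an added example, not part of the sandbox output, showing one way to hunt for them: it parses constructed proxy log lines in an assumed format and scores them against the beacon shape, checks process command lines for rundll32 loading a DLL by ordinal from a per-user Temp directory, and compares file contents against the reported SHA256. The log format, sample lines, host addresses and helper names are assumptions.

```python
"""Hunting helpers built from the indicators in this report (added example,
not part of the sandbox output). Log formats below are constructed; adapt the
regexes to your own proxy and EDR schemas."""
import hashlib
import re

# Indicators copied from the report above.
C2_IP = "45.9.74.32"
C2_URL_PATH = "/out.php"
C2_USER_AGENT = "Mozilla/4.0 (compatible)"
SAMPLE_SHA256 = "cf5d0e6d15dd0a48b15dec62cad775a24d9b088e16e0de327fd5ca7f426cbf09"

# Assumed proxy log format:  <ts> <src_ip> <dst_ip> <method> <path> "<user-agent>" <status>
PROXY_LINE = re.compile(
    r'^(?P<ts>\S+) (?P<src>\S+) (?P<dst>\S+) (?P<method>\S+) (?P<path>\S+) '
    r'"(?P<ua>[^"]*)" (?P<status>\d+)$'
)

# Constructed sample lines: line 1 hits the reported C2, line 2 has the same
# beacon shape (path + user-agent) to a different host, lines 3 and 4 are benign
# (line 4 shares only the path, which is too generic on its own).
SAMPLE_PROXY_LOG = [
    '2024-07-15T12:01:03Z 10.0.0.5 45.9.74.32 POST /out.php "Mozilla/4.0 (compatible)" 200',
    '2024-07-15T12:04:17Z 10.0.0.9 203.0.113.10 POST /out.php "Mozilla/4.0 (compatible)" 200',
    '2024-07-15T12:05:00Z 10.0.0.5 203.0.113.20 GET /index.html "Mozilla/5.0 (Windows NT 10.0)" 200',
    '2024-07-15T12:06:42Z 10.0.0.7 203.0.113.30 POST /out.php "Mozilla/5.0 (Windows NT 10.0)" 404',
]


def parse_proxy_line(line):
    """Return the fields of one proxy log line, or None if it does not parse."""
    m = PROXY_LINE.match(line.strip())
    return m.groupdict() if m else None


def beacon_confidence(entry):
    """Score one parsed entry: 'high' for the reported C2 address, 'medium' for
    the same beacon shape (URL path plus exact user-agent) to another host,
    None otherwise. Path or user-agent alone is not used; each is generic."""
    if entry is None:
        return None
    if entry["dst"] == C2_IP:
        return "high"
    if entry["path"] == C2_URL_PATH and entry["ua"] == C2_USER_AGENT:
        return "medium"
    return None


def hunt_proxy(lines):
    """Return (line_number, confidence) for every line that looks like a Strela beacon."""
    hits = []
    for number, line in enumerate(lines, start=1):
        confidence = beacon_confidence(parse_proxy_line(line))
        if confidence:
            hits.append((number, confidence))
    return hits


# rundll32 executing a DLL by ordinal (",#N") from a per-user Temp directory,
# the execution pattern shown in the process tree above. Optional quotes around
# the path are tolerated.
RUNDLL32_TEMP_ORDINAL = re.compile(
    r'rundll32(?:\.exe)?\s+\S*\\AppData\\Local\\Temp\\[^\s\\]+\.dll"?,#\d+',
    re.IGNORECASE,
)


def is_suspicious_rundll32(cmdline):
    """True if a process command line matches the rundll32-from-Temp-by-ordinal pattern."""
    return RUNDLL32_TEMP_ORDINAL.search(cmdline) is not None


def is_reported_sample(data):
    """True if the given file contents hash to the SHA256 listed in the report."""
    return hashlib.sha256(data).hexdigest() == SAMPLE_SHA256


if __name__ == "__main__":
    for number, confidence in hunt_proxy(SAMPLE_PROXY_LOG):
        print(f"proxy line {number}: {confidence} confidence Strela beacon")
    seen = r"rundll32.exe C:\Users\Admin\AppData\Local\Temp\cf5d0e6d15dd0a48b15dec62cad775a24d9b088e16e0de327fd5ca7f426cbf09.dll,#1"
    print("process tree command line suspicious:", is_suspicious_rundll32(seen))
```

The user-agent string is deliberately not matched on its own: "Mozilla/4.0 (compatible)" is short enough to collide with legacy clients, so the rule only promotes it together with the URL path, and reserves the high-confidence verdict for the address taken from the extracted config.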

    Downloads

    • memory/3180-0-0x000001EDFF860000-0x000001EDFF882000-memory.dmp
      Filesize: 136KB
