Overview

overview

10

Static

static

3

cryptolaemus

windows10-2004-x64

10

cryptolaemus

windows11-21h2-x64

10

Analysis

  • max time kernel
    148s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240704-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240704-enlocale:en-usos:windows10-2004-x64system
  • submitted
    15-07-2024 11:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2d33f645745747a504f2fd7f9ca86323895552486922d1ec575ffb4194fef902.dll

  • Size

    123KB

  • MD5

    5eae0878d9cdefba5cf6168d0c1d2213

  • SHA1

    b357c46f64cfdd1b321b98c867b1b456e0f63103

  • SHA256

    2d33f645745747a504f2fd7f9ca86323895552486922d1ec575ffb4194fef902

  • SHA512

    798fb6cee5282ba8525ae5f88344b207fab3d0da03e1310e356cfd9a0397976aee26d0212b05a9b5dae62d7b47553a3fa80b44f200b64d51c8f72124b36b2485

  • SSDEEP

    1536:uq8qyeJH3Kze1ku3sNquBp3r6jrLamHzBS3EaGnsffs9b17U3+L4MlzvyZflNMzj:2e/1V3sN5p3r6nLam80aMSfMbyM

Score
10/10
strelastealer

Malware Config

Extracted

Family

strela

C2

45.9.74.32

Attributes
  • url_path

    /out.php

  • user_agent

    Mozilla/4.0 (compatible)

Signatures

  • Detects Strela Stealer payload 2 IoCs
  • Strela stealer

    An info stealer targeting mail credentials first seen in late 2022.

    stealerstrela

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\2d33f645745747a504f2fd7f9ca86323895552486922d1ec575ffb4194fef902.dll,#1
    1⤵
      PID:4308

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4308-0-0x000001AF8CC80000-0x000001AF8CCA2000-memory.dmp

      Filesize

      136KB

      Download

    • memory/4308-1-0x000001AF8CC80000-0x000001AF8CCA2000-memory.dmp

      Filesize

      136KB

      Download