strela | 6be18d1b2a9412d001f63c6b3aad32e525822beee8dd5df976f2a60ccae40a30

Analysis

max time kernel
95s
max time network
96s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
15-07-2024 12:00

Target

6be18d1b2a9412d001f63c6b3aad32e525822beee8dd5df976f2a60ccae40a30.dll
Size

126KB
MD5

d372ce9928c13df7130a65a698ef12ad
SHA1

1c3cd56d9c860345e63a73a07def35edbe260368
SHA256

6be18d1b2a9412d001f63c6b3aad32e525822beee8dd5df976f2a60ccae40a30
SHA512

6d6b6aa7798e000aaba16d525f5db316552367d36557c83a349d613eae076491a80448e9bc839e487f4fc64ad81dab976648f14209602b6678b595970be40cdc
SSDEEP

3072:n5aFrT3YU73cQiHb6Ur5RaRC5DY8d8wnCXfSB7QkMVeUO:n5+rT3YATi2RA1ZKqBUkoeU

Score

10^/10

strela stealer

Family

strela

45.9.74.32

Attributes

Detects Strela Stealer payload 1 IoCs

resource	yara_rule
behavioral1/memory/4888-0-0x0000020712CD0000-0x0000020712CF2000-memory.dmp	family_strela

Strela stealer
An info stealer targeting mail credentials first seen in late 2022.
stealer strela

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\6be18d1b2a9412d001f63c6b3aad32e525822beee8dd5df976f2a60ccae40a30.dll,#1
1⤵
PID:4888

memory/4888-0-0x0000020712CD0000-0x0000020712CF2000-memory.dmp

Filesize
136KB

Download