strela | 13b7cde6358b75b19f3bbcb9bf764bfa1a2dc71b15d6d76dc4962dc96c2b99d4

Analysis

max time kernel
92s
max time network
95s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
15/07/2024, 12:00

Target

13b7cde6358b75b19f3bbcb9bf764bfa1a2dc71b15d6d76dc4962dc96c2b99d4.dll
Size

123KB
MD5

374acc6307aadbd9b504eee11ee66ced
SHA1

cd3e9b60352e9a2f185aaba8c1c7cbf99b605f2f
SHA256

13b7cde6358b75b19f3bbcb9bf764bfa1a2dc71b15d6d76dc4962dc96c2b99d4
SHA512

b5b598d6637e0961b2473dad7813ff5a01101dc9677289f5ee177c8b3807e2a3e9ca71a46948631eb03f05c6d2c290fe148dc58b04d89fdc24a5c1bfee04791b
SSDEEP

3072:Obx2iZR4SJ5Uu/hX4PTE1/79o7U5Ay2VIx1HuAEA:O0szUQ6rsZoRyFxFuz

Score

10^/10

strela stealer

Family

strela

45.9.74.32

Attributes

Detects Strela Stealer payload 2 IoCs

resource	yara_rule
behavioral1/memory/1888-0-0x0000027C12DB0000-0x0000027C12DD2000-memory.dmp	family_strela
behavioral1/memory/1888-1-0x0000027C12DB0000-0x0000027C12DD2000-memory.dmp	family_strela

Strela stealer
An info stealer targeting mail credentials first seen in late 2022.
stealer strela

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\13b7cde6358b75b19f3bbcb9bf764bfa1a2dc71b15d6d76dc4962dc96c2b99d4.dll,#1
1⤵
PID:1888

memory/1888-0-0x0000027C12DB0000-0x0000027C12DD2000-memory.dmp

Filesize
136KB

Download
memory/1888-1-0x0000027C12DB0000-0x0000027C12DD2000-memory.dmp

Filesize
136KB

Download