strela | 9671fffffc168baf3de4fcb648e451dc04723cc80aee3efea3c5dd7f7033198e

Analysis

max time kernel
149s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
15-07-2024 12:00

Target

9671fffffc168baf3de4fcb648e451dc04723cc80aee3efea3c5dd7f7033198e.dll
Size

123KB
MD5

def5cab1b6222e1b2e88eec0c5a64c3c
SHA1

c761a6a41d4860eadd0279ae20aeabab5d70b1a9
SHA256

9671fffffc168baf3de4fcb648e451dc04723cc80aee3efea3c5dd7f7033198e
SHA512

9eceba927fb1efc612677a573132428b6a483cca6d037a7d608b9789c42b15f4bde566b3d3be24506e0a8a35df30c77b0f580f6e0c9f47bb10c20bef1cb57c53
SSDEEP

1536:XEwXfQfsnJrCvGamVTviktzbyfXsQk+W/FVJg/WbI7tjxBw6uj/BG8WaFZniXsNh:0QfK8Jdaguuzbk9W/FV9875wbWcQK

Score

10^/10

strela stealer

Family

strela

45.9.74.32

Attributes

Detects Strela Stealer payload 1 IoCs

resource	yara_rule
behavioral1/memory/4300-0-0x000002724AD30000-0x000002724AD52000-memory.dmp	family_strela

Strela stealer
An info stealer targeting mail credentials first seen in late 2022.
stealer strela

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\9671fffffc168baf3de4fcb648e451dc04723cc80aee3efea3c5dd7f7033198e.dll,#1
1⤵
PID:4300

memory/4300-0-0x000002724AD30000-0x000002724AD52000-memory.dmp

Filesize
136KB

Download