General

  • Target

    1cf88ff0a8100e671ae9c831d33539e6834064ef1e8c122f616a2b2495f5c1e3

  • Size

    124KB

  • Sample

    240715-n6fntsyclf

  • MD5

    8efb9dc9b7baaa0443d218a49a6b6828

  • SHA1

    b8a0da4ec33e8560f391e9f948a7e1c5c65bde14

  • SHA256

    1cf88ff0a8100e671ae9c831d33539e6834064ef1e8c122f616a2b2495f5c1e3

  • SHA512

    ade193656094515081fe994ba155063637140aea0ec62356565c7f281358b37c78d44f5cb7f3c2245181529dce8b07131442b23b8159e26c44464d3a867de526

  • SSDEEP

    3072:/8g95ZzK07Y9OwE5olhCpmBGw5vhXySjZ4bBJQug3iwJmGCV:DRzK6wE5olhmmBPDCSN4bBJQugJ

Score
10/10

Malware Config

Extracted

Family

strela

C2

45.9.74.32

Attributes
  • url_path

    /out.php

  • user_agent

    Mozilla/4.0 (compatible)

Targets

    • Target

      1cf88ff0a8100e671ae9c831d33539e6834064ef1e8c122f616a2b2495f5c1e3

    Score
    10/10
    • Detects Strela Stealer payload

    • Strela stealer

      An info stealer targeting mail credentials first seen in late 2022.
