strela | 4e893ce57cd53cc344932b93b064acfc6dd730cd8df148be5d0b7bf1a50b4ca8 | Triage

Sharing

General

Target

4e893ce57cd53cc344932b93b064acfc6dd730cd8df148be5d0b7bf1a50b4ca8
Size

125KB
Sample

240715-n6h4ysycph
MD5

c27db38eb4e160731a9dbd0cd6b424d1
SHA1

414aecc1a242c03c7c0d2b39ecf08fd07fc882cc
SHA256

4e893ce57cd53cc344932b93b064acfc6dd730cd8df148be5d0b7bf1a50b4ca8
SHA512

90ff7c93a02ca6c1003fe97d78531d8ed894171e41ea0028cf287e451bffd68aff9b5ed32abbb42f61ce89d3905e47f50a64a826ec19908f76564b8c7b16643f
SSDEEP

3072:KguyDa5huD6Y4ya1at/k64hXYq3zlVCe7Wo7eIHhUCDNA/jrU:ZI0OJyWGk6YX5BE18eMUW+rU

Score

10^/10

strela stealer

Malware Config

Extracted

Family

strela

C2

45.9.74.32

Attributes

url_path
/out.php
user_agent
Mozilla/4.0 (compatible)

Targets

- Target
  
  4e893ce57cd53cc344932b93b064acfc6dd730cd8df148be5d0b7bf1a50b4ca8
- Size
  
  125KB
- MD5
  
  c27db38eb4e160731a9dbd0cd6b424d1
- SHA1
  
  414aecc1a242c03c7c0d2b39ecf08fd07fc882cc
- SHA256
  
  4e893ce57cd53cc344932b93b064acfc6dd730cd8df148be5d0b7bf1a50b4ca8
- SHA512
  
  90ff7c93a02ca6c1003fe97d78531d8ed894171e41ea0028cf287e451bffd68aff9b5ed32abbb42f61ce89d3905e47f50a64a826ec19908f76564b8c7b16643f
- SSDEEP
  
  3072:KguyDa5huD6Y4ya1at/k64hXYq3zlVCe7Wo7eIHhUCDNA/jrU:ZI0OJyWGk6YX5BE18eMUW+rU
Score

10^/10

strela stealer
- Detects Strela Stealer payload
- Strela stealer
  An info stealer targeting mail credentials first seen in late 2022.
  stealer strela
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2