strela | 64d4e6ba3c26f59ee378e41a7143626865751ebc294619c0fe0af284ab58b3bf

Analysis

max time kernel
141s
max time network
130s
platform
windows10-2004_x64
resource
win10v2004-20240704-en
resource tags

arch:x64arch:x86image:win10v2004-20240704-enlocale:en-usos:windows10-2004-x64system
submitted
15-07-2024 12:00

Target

64d4e6ba3c26f59ee378e41a7143626865751ebc294619c0fe0af284ab58b3bf.dll
Size

124KB
MD5

6612ff4feb79f449795ce38d3a9fe625
SHA1

199f944b9b10158bf66734f60d909c1e86ff8571
SHA256

64d4e6ba3c26f59ee378e41a7143626865751ebc294619c0fe0af284ab58b3bf
SHA512

eaaa9bd1450cdeebc0050e5f39fb7866d6e301fe2f1d85b5da85b489d2bc2ea137c3b1c4276d5438bbd6623e9418779541ca460b419c853667c3a09f71da71a5
SSDEEP

3072:La/6gOiwkEvIwIiRLvlx4CrlFCmc/q9yO9V4YRTjeFamiT97AplCzOE:ATgPIwvLvJjCmcC7nRuFNmAp

Score

10^/10

strela stealer

Family

strela

45.9.74.32

Attributes

Detects Strela Stealer payload 1 IoCs

resource	yara_rule
behavioral1/memory/1476-0-0x00000244517A0000-0x00000244517C2000-memory.dmp	family_strela

Strela stealer
An info stealer targeting mail credentials first seen in late 2022.
stealer strela

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\64d4e6ba3c26f59ee378e41a7143626865751ebc294619c0fe0af284ab58b3bf.dll,#1
1⤵
PID:1476

memory/1476-0-0x00000244517A0000-0x00000244517C2000-memory.dmp

Filesize
136KB

Download