strela | 6648e54469f6e37a7266ed716c25daeac5657edfb3c631f67e283819b013cd2b

Analysis

max time kernel
91s
max time network
94s
platform
windows11-21h2_x64
resource
win11-20240709-en
resource tags

arch:x64arch:x86image:win11-20240709-enlocale:en-usos:windows11-21h2-x64system
submitted
15/07/2024, 12:05 UTC

Target

6648e54469f6e37a7266ed716c25daeac5657edfb3c631f67e283819b013cd2b.dll
Size

123KB
MD5

6d626ff8667765b26c211c81f0dea161
SHA1

928a20fb697bf990d2fc75886ab56d12c555327b
SHA256

6648e54469f6e37a7266ed716c25daeac5657edfb3c631f67e283819b013cd2b
SHA512

0e0e1de4909711de204eca57c6922555becc72c29fda299a242c0e46032a53a66a1b914dbd0fe4b3d799cb86877336a96e9072101f1469b981413459974a157f
SSDEEP

1536:tZfLglYnwPPdeaHxPprXAW0lMxdG25eYy77BBWHI0CgdGSttSCkYtHn60ukh:XclSw9eWxPBzzMEHdcStUCkYZz

Score

10^/10

strela stealer

Family

strela

45.9.74.32

Attributes

Detects Strela Stealer payload 1 IoCs

resource	yara_rule
behavioral2/memory/3776-0-0x0000023BE2760000-0x0000023BE2782000-memory.dmp	family_strela

Strela stealer
An info stealer targeting mail credentials first seen in late 2022.
stealer strela

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\6648e54469f6e37a7266ed716c25daeac5657edfb3c631f67e283819b013cd2b.dll,#1
1⤵
PID:3776

memory/3776-0-0x0000023BE2760000-0x0000023BE2782000-memory.dmp

Filesize
136KB

Download