Analysis

  • max time kernel
    146s
  • max time network
    151s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240709-en
  • resource tags
    arch:x64, arch:x86, image:win11-20240709-en, locale:en-us, os:windows11-21h2-x64, system
  • submitted
    15/07/2024, 12:04

General

  • Target

    b8e7201eed0f5acee59b5cefc1f8b538401eac7f8bc40ed65ac77be67dfb7fd5.dll

  • Size

    122KB

  • MD5

    e39f6587c536906b6e6f26a27895211a

  • SHA1

    5a309f6f42cce35b44deb35d5fe189ee322b7e7f

  • SHA256

    b8e7201eed0f5acee59b5cefc1f8b538401eac7f8bc40ed65ac77be67dfb7fd5

  • SHA512

    39c3ebb092c8207fd38796f9b208a8706d2ab089728896cbac6836e3e8df40140883cbc1640feb9e3a990106870252edb199ae2cb136555a087d9bdc94a90268

  • SSDEEP

    1536:O7w5PSgIE+/EvxHmPWIW1m5MqsYxvMnpKanXnfcRwi+UkYAalFbJbnhiC2fS/ie:6wkgNEc12MqsYxvMphXnIa5alj7f2fi

Score
10/10

Malware Config

Extracted

Family

strela

C2

45.9.74.32

Attributes
  • url_path

    /out.php

  • user_agent

    Mozilla/4.0 (compatible)

Signatures

  • Detects Strela Stealer payload 1 IoCs
  • Strela stealer

    An info stealer targeting mail credentials first seen in late 2022.

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\b8e7201eed0f5acee59b5cefc1f8b538401eac7f8bc40ed65ac77be67dfb7fd5.dll,#1
    PID: 1372

Downloads

  • memory/1372-0-0x000002068DAD0000-0x000002068DAF2000-memory.dmp
    Filesize
    136KB