strela | 2b79801530c7c788f28db3d7743c01dfdb913c4c9c429fa528e48892d947ac29

Analysis

max time kernel
93s
max time network
95s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
15/07/2024, 12:04

Target

2b79801530c7c788f28db3d7743c01dfdb913c4c9c429fa528e48892d947ac29.dll
Size

124KB
MD5

80940521dd5290dcf754e5c8ad340d6e
SHA1

fc8ebc0addd2314b02ced66f2537e917754ba225
SHA256

2b79801530c7c788f28db3d7743c01dfdb913c4c9c429fa528e48892d947ac29
SHA512

8a2543030cbf394e3d45b2cbb9a9d0cb1cf7da88e07b73e121fba279972181bf468cb66f61c8512b2fe1aaa9525ea566fa3e9bc611c5b4bd470e5ad0ba73a246
SSDEEP

3072:m2bV6VkZG6OXmlhFqHDMvr2i6KCncNVJ1aqnf1vLxv:3sh6km/AX9lcLjndjx

Score

10^/10

strela stealer

Family

strela

45.9.74.32

Attributes

Detects Strela Stealer payload 2 IoCs

resource	yara_rule
behavioral1/memory/1556-1-0x0000023EFC070000-0x0000023EFC092000-memory.dmp	family_strela
behavioral1/memory/1556-0-0x0000023EFC070000-0x0000023EFC092000-memory.dmp	family_strela

Strela stealer
An info stealer targeting mail credentials first seen in late 2022.
stealer strela

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\2b79801530c7c788f28db3d7743c01dfdb913c4c9c429fa528e48892d947ac29.dll,#1
1⤵
PID:1556

memory/1556-1-0x0000023EFC070000-0x0000023EFC092000-memory.dmp

Filesize
136KB

Download
memory/1556-0-0x0000023EFC070000-0x0000023EFC092000-memory.dmp

Filesize
136KB

Download