strela | 3dc7d8f0f1682a1599e9992a52d390a40e68788e0a0c80b05b06c212f9a8c9b3

Analysis

max time kernel
92s
max time network
93s
platform
windows11-21h2_x64
resource
win11-20240709-en
resource tags

arch:x64arch:x86image:win11-20240709-enlocale:en-usos:windows11-21h2-x64system
submitted
15-07-2024 12:04

Target

3dc7d8f0f1682a1599e9992a52d390a40e68788e0a0c80b05b06c212f9a8c9b3.dll
Size

125KB
MD5

6701cfc2a76ca674c98166fd90e47905
SHA1

49a4c047fa9c8a7ab45912b65e515f74db3df625
SHA256

3dc7d8f0f1682a1599e9992a52d390a40e68788e0a0c80b05b06c212f9a8c9b3
SHA512

e4f82fb5177cc022afd33e2d2a3e9365e5f11c7b9854a8acb8c163f7959e0b85702051e2bb98947f3674f9a3c70ea54192cbd375f80029a22186e4eafef20205
SSDEEP

3072:CvcIzE7M5xmBh1C7ln0g3Bsxw9U6DRwFnDhojIH8I/MfmBb/:w8Mxm70xHmYvDRwFnF8IH8PfmBb/

Score

10^/10

strela stealer

Family

strela

45.9.74.32

Attributes

Detects Strela Stealer payload 1 IoCs

resource	yara_rule
behavioral2/memory/3356-0-0x00000187E09F0000-0x00000187E0A12000-memory.dmp	family_strela

Strela stealer
An info stealer targeting mail credentials first seen in late 2022.
stealer strela

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\3dc7d8f0f1682a1599e9992a52d390a40e68788e0a0c80b05b06c212f9a8c9b3.dll,#1
1⤵
PID:3356

memory/3356-0-0x00000187E09F0000-0x00000187E0A12000-memory.dmp

Filesize
136KB

Download