strela | 3bcddbc335a86604ed6df6de3a837c65a0d0c05b6b31b1a36239bc786c1e751f

Analysis

max time kernel
147s
max time network
151s
platform
windows11-21h2_x64
resource
win11-20240709-en
resource tags

arch:x64arch:x86image:win11-20240709-enlocale:en-usos:windows11-21h2-x64system
submitted
15-07-2024 12:04

Target

3bcddbc335a86604ed6df6de3a837c65a0d0c05b6b31b1a36239bc786c1e751f.dll
Size

124KB
MD5

538a68e49f603224383d4a03402b9464
SHA1

80a8dc0d87ad7bd68e720f453ddf5223ad38cb7d
SHA256

3bcddbc335a86604ed6df6de3a837c65a0d0c05b6b31b1a36239bc786c1e751f
SHA512

8f3a0029de777aca416ac2519b6d96d24988f77361eb0340cfdeee5efda10ceedc63b1b6a6d379f1ef633d1dccef44938942654a4c2e4ae49066923e24f607cf
SSDEEP

3072:4vc1+ZISMwIFR2eFZRUXDIxMYf/bz19Lk5387:4kTvwIFR2eFZRUcxpNZ

Score

10^/10

strela stealer

Family

strela

45.9.74.32

Attributes

Detects Strela Stealer payload 1 IoCs

resource	yara_rule
behavioral2/memory/4968-0-0x00000200A4510000-0x00000200A4532000-memory.dmp	family_strela

Strela stealer
An info stealer targeting mail credentials first seen in late 2022.
stealer strela

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\3bcddbc335a86604ed6df6de3a837c65a0d0c05b6b31b1a36239bc786c1e751f.dll,#1
1⤵
PID:4968

memory/4968-0-0x00000200A4510000-0x00000200A4532000-memory.dmp

Filesize
136KB

Download