Analysis
-
max time kernel
94s -
max time network
99s -
platform
windows11-21h2_x64 -
resource
win11-20240709-en -
resource tags
arch:x64arch:x86image:win11-20240709-enlocale:en-usos:windows11-21h2-x64system -
submitted
15/07/2024, 11:40 UTC
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
4cc1fede57b8094259dc3be0b47ce7a534f5e29d7ff9dd63bbaaa390042ca155.dll
Resource
win10v2004-20240704-en
2 signatures
150 seconds
General
-
Target
4cc1fede57b8094259dc3be0b47ce7a534f5e29d7ff9dd63bbaaa390042ca155.dll
-
Size
125KB
-
MD5
ee8b2c4623da525d3d9dfe1ebc1cf8fa
-
SHA1
16d0491095bec426656ae2efe22d5fb1bea3650f
-
SHA256
4cc1fede57b8094259dc3be0b47ce7a534f5e29d7ff9dd63bbaaa390042ca155
-
SHA512
4e4d22201f53df786c5cb608d4687e185044c46fbd1bb7575cccff0babf8efebc85fb0374f6cb38ad6ccc63dcd8d709c35ca575ae47fdbdfc31fb4a096bce294
-
SSDEEP
3072:poaTyqJ7HcWAIEiG0S49R/b9w/+c9uoKCmKs:SaTh1cWApiQ4TT9nqX9mF
Malware Config
Extracted
Family
strela
C2
45.9.74.32
Attributes
-
url_path
/out.php
-
user_agent
Mozilla/4.0 (compatible)
Signatures
Processes
Network
-
Remote address:8.8.8.8:53Request8.8.8.8.in-addr.arpaIN PTRResponse8.8.8.8.in-addr.arpaIN PTRdnsgoogle
-
Remote address:8.8.8.8:53Request8.8.8.8.in-addr.arpaIN PTR
-
Remote address:8.8.8.8:53Request30.243.111.52.in-addr.arpaIN PTRResponse
No results found