Analysis

  • max time kernel
    146s
  • max time network
    149s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240709-en
  • resource tags

    arch:x64, arch:x86, image:win11-20240709-en, locale:en-us, os:windows11-21h2-x64, system
  • submitted
    15/07/2024, 12:12

General

  • Target

    36204d6a4d812744353f9c29de5f6e968facdd7c0b82a4210fc07b54ab13ee35.dll

  • Size

    123KB

  • MD5

    b721d21899e8aa6a2fb75db8f0c76012

  • SHA1

    60623441626f25e85e7f0770b20c1482464c1e5e

  • SHA256

    36204d6a4d812744353f9c29de5f6e968facdd7c0b82a4210fc07b54ab13ee35

  • SHA512

    bb94ea0609763c2e3340dc9a042df3e64ca1c6a2e2018842af1bcbc4e20fb7a39d3c3759f9778f176e882fd5302c0c811325bec2cdc243ee57ea605ba2f33c77

  • SSDEEP

    3072:D2j91UcG/h3DhJIiiIAOVCHk2o/pjvYMsilvolx:DQ1o5DvIfxzHk3vYP

Score
10/10

Malware Config

Extracted

Family

strela

C2

45.9.74.32

Attributes
  • url_path

    /out.php

  • user_agent

    Mozilla/4.0 (compatible)

Signatures

  • Detects Strela Stealer payload (1 IoC)
  • Strela stealer

    An info stealer targeting mail credentials, first seen in late 2022.

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\36204d6a4d812744353f9c29de5f6e968facdd7c0b82a4210fc07b54ab13ee35.dll,#1
    PID: 2344


Downloads

  • memory/2344-0-0x00000283346B0000-0x00000283346D2000-memory.dmp

    Filesize

    136KB
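The indicators this report exposes (the sample hashes, the extracted C2 configuration, and the rundll32 command line from the process list) can be turned directly into a triage check over endpoint and proxy telemetry. The script below is an added example written for this page, not the sandbox's own code. The process events and HTTP records in it are constructed; the record field names (`cmdline`, `dst_ip`, `path`, `user_agent`, ...) are an assumed schema; and the weighting rule that the `/out.php` path and the short `Mozilla/4.0 (compatible)` User-Agent only count together or alongside the C2 IP is my judgement, since the report lists the path and UA but not the request method, scheme, or how distinctive that UA is in a given environment.

```python
import re

# Indicators copied from the report above: sample hashes, extracted C2 config and the
# rundll32 command line from the process tree. The telemetry further down is constructed.
SAMPLE_SHA256 = "36204d6a4d812744353f9c29de5f6e968facdd7c0b82a4210fc07b54ab13ee35"
SAMPLE_MD5 = "b721d21899e8aa6a2fb75db8f0c76012"
C2_IP = "45.9.74.32"
C2_PATH = "/out.php"
C2_USER_AGENT = "Mozilla/4.0 (compatible)"

# rundll32 invoking a DLL from a user's AppData\Local\Temp by export ordinal ("#1"),
# the loading pattern shown in the sandbox process list.
RUNDLL32_TEMP_ORDINAL = re.compile(
    r"rundll32(?:\.exe)?\s+(?P<dll>\S*\\AppData\\Local\\Temp\\[^,\s]+\.dll),#(?P<ordinal>\d+)",
    re.IGNORECASE,
)


def check_process(event: dict) -> list[str]:
    """Return the reasons a process-creation event matches this sample."""
    reasons = []
    hashes = {event.get("sha256", "").lower(), event.get("md5", "").lower()}
    if SAMPLE_SHA256 in hashes or SAMPLE_MD5 in hashes:
        reasons.append("known Strela sample hash")
    m = RUNDLL32_TEMP_ORDINAL.search(event.get("cmdline", ""))
    if m:
        reasons.append(f"rundll32 loading Temp DLL by ordinal #{m.group('ordinal')}")
    return reasons


def check_http(record: dict) -> list[str]:
    """Return the reasons an HTTP/proxy record matches the extracted C2 configuration.

    The destination IP is the strongest single indicator. The path and the short
    User-Agent are weaker on their own (assumption: other software may send a
    similar UA or path), so each only counts together with another indicator.
    """
    reasons = []
    ip_hit = record.get("dst_ip") == C2_IP
    path_hit = record.get("path") == C2_PATH
    ua_hit = record.get("user_agent") == C2_USER_AGENT
    if ip_hit:
        reasons.append("destination is Strela C2 45.9.74.32")
    if path_hit and (ua_hit or ip_hit):
        reasons.append("request path /out.php")
    if ua_hit and (path_hit or ip_hit):
        reasons.append("User-Agent 'Mozilla/4.0 (compatible)'")
    return reasons


def scan(process_events, http_records):
    """Run both checks and return (kind, pid, reasons) for every record that matched."""
    hits = []
    for ev in process_events:
        r = check_process(ev)
        if r:
            hits.append(("process", ev.get("pid"), r))
    for rec in http_records:
        r = check_http(rec)
        if r:
            hits.append(("http", rec.get("src_pid"), r))
    return hits


# Constructed sample telemetry (assumed schema, not from the report): a benign rundll32 use,
# the sandbox-style load of the sample, a benign request, a request matching the config,
# and an unrelated request to a /out.php path that should not alert on its own.
PROCESS_EVENTS = [
    {"pid": 1001, "cmdline": r"rundll32.exe shell32.dll,Control_RunDLL", "sha256": ""},
    {"pid": 2344,
     "cmdline": r"rundll32.exe C:\Users\Admin\AppData\Local\Temp\36204d6a4d812744353f9c29de5f6e968facdd7c0b82a4210fc07b54ab13ee35.dll,#1",
     "sha256": SAMPLE_SHA256},
]
HTTP_RECORDS = [
    {"src_pid": 3300, "method": "GET", "dst_ip": "93.184.216.34", "path": "/", "user_agent": "Mozilla/5.0"},
    {"src_pid": 2344, "method": "POST", "dst_ip": C2_IP, "path": C2_PATH, "user_agent": C2_USER_AGENT},
    {"src_pid": 4100, "method": "GET", "dst_ip": "10.0.0.5", "path": "/out.php", "user_agent": "curl/8.0"},
]

if __name__ == "__main__":
    for kind, pid, reasons in scan(PROCESS_EVENTS, HTTP_RECORDS):
        print(f"[{kind}] pid={pid}: " + "; ".join(reasons))
```

Run as-is it reports PID 2344 twice: once for the process event (hash plus the rundll32 ordinal load from Temp) and once for the HTTP record (all three network indicators); the benign rundll32 invocation and the unrelated `/out.php` request produce nothing. Correlating the two hits on the same PID is the point of keeping the process tree and the network indicators in one check.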