strela | 1df3dcb508fcf4a906b8fa410bac559a118f6771b3bf44f1ffa64c78c07790a9

Analysis

max time kernel
149s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
15-07-2024 12:13

Target

1df3dcb508fcf4a906b8fa410bac559a118f6771b3bf44f1ffa64c78c07790a9.dll
Size

127KB
MD5

bafebf4a21e98c6ed129c064610b201a
SHA1

a75315e2e8f35f50f1eed8c1c65c03e58b01aa55
SHA256

1df3dcb508fcf4a906b8fa410bac559a118f6771b3bf44f1ffa64c78c07790a9
SHA512

d3c3af0a2ffa45fda247aa60a1eba99c4061d24ab54c612a197d7b02b94d89c28402bc6014712393afd6550d1440ec25fb913d3211a9384e11cf5a0e12b5b8d1
SSDEEP

3072:/WoexlZ7b6Q+wLHj9UKXsuf6SYPa/yO7Fv6P9L:YXqwL5lXsKmyyAG

Score

10^/10

strela stealer

Family

strela

45.9.74.32

Attributes

Detects Strela Stealer payload 1 IoCs

resource	yara_rule
behavioral1/memory/1780-0-0x0000012D81510000-0x0000012D81532000-memory.dmp	family_strela

Strela stealer
An info stealer targeting mail credentials first seen in late 2022.
stealer strela

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\1df3dcb508fcf4a906b8fa410bac559a118f6771b3bf44f1ffa64c78c07790a9.dll,#1
1⤵
PID:1780

memory/1780-0-0x0000012D81510000-0x0000012D81532000-memory.dmp

Filesize
136KB

Download