strela | bd06472a51593081350819e590fcaaaa3a095f6553b268132f97c74d3d9ebc88

Analysis

max time kernel
95s
max time network
126s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
15/07/2024, 12:21

Target

bd06472a51593081350819e590fcaaaa3a095f6553b268132f97c74d3d9ebc88.dll
Size

123KB
MD5

def3b59cd53656d2e24c0c86d3717b65
SHA1

6126814f2f5bb4fa5d72749bfb2c611f7b7facf9
SHA256

bd06472a51593081350819e590fcaaaa3a095f6553b268132f97c74d3d9ebc88
SHA512

2456551950fae6c7cf523c3c160584831980a797a4d952fa528a3a2e12414d6f02c6df3d2c605bbed7024f2d8d8e3e4c3cb68889bc6fecc0bd76f43633313ea0
SSDEEP

1536:Aqg4VwOZszk7d0WVz77EY6dwzVeRm+/imBswVj1SONwWpZ5ohqgXbleLbsz2puGV:TgnOB7d0Ov59kJswVLn5ohBRaszajuV

Score

10^/10

strela stealer

Family

strela

45.9.74.32

Attributes

Detects Strela Stealer payload 2 IoCs

resource	yara_rule
behavioral1/memory/2760-0-0x000002256F250000-0x000002256F272000-memory.dmp	family_strela
behavioral1/memory/2760-1-0x000002256F250000-0x000002256F272000-memory.dmp	family_strela

Strela stealer
An info stealer targeting mail credentials first seen in late 2022.
stealer strela

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\bd06472a51593081350819e590fcaaaa3a095f6553b268132f97c74d3d9ebc88.dll,#1
1⤵
PID:2760

memory/2760-0-0x000002256F250000-0x000002256F272000-memory.dmp

Filesize
136KB

Download
memory/2760-1-0x000002256F250000-0x000002256F272000-memory.dmp

Filesize
136KB

Download