strela | 5dea6ac9f69cd34dc2bca7471973c3b6c435181ba1719c8b8a92902f7d9cbada

Analysis

max time kernel
147s
max time network
151s
platform
windows11-21h2_x64
resource
win11-20240709-en
resource tags

arch:x64arch:x86image:win11-20240709-enlocale:en-usos:windows11-21h2-x64system
submitted
15-07-2024 12:33

Target

5dea6ac9f69cd34dc2bca7471973c3b6c435181ba1719c8b8a92902f7d9cbada.dll
Size

123KB
MD5

89dc47729c93dc5662376914ca360af8
SHA1

3e55bae7efb911d630d772357f12aaf42686fc72
SHA256

5dea6ac9f69cd34dc2bca7471973c3b6c435181ba1719c8b8a92902f7d9cbada
SHA512

ff6c63f7dc6126d9df15b2ab1c50f27bfa2e65aac9fa413d03b0e9fd71553e669ca4fdd93ba1449a695836b9a3bd13fdfe653d12cddeaf0c1d4212c36dc222f5
SSDEEP

3072:U0NWupMPqMW/T2G9OeTBoF48mPZV4unlpIbpXWMJ:U0NX/6WxoFrOlA

Score

10^/10

strela stealer

Family

strela

45.9.74.32

Attributes

Detects Strela Stealer payload 1 IoCs

resource	yara_rule
behavioral2/memory/2648-0-0x000001DA36AF0000-0x000001DA36B12000-memory.dmp	family_strela

Strela stealer
An info stealer targeting mail credentials first seen in late 2022.
stealer strela

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\5dea6ac9f69cd34dc2bca7471973c3b6c435181ba1719c8b8a92902f7d9cbada.dll,#1
1⤵
PID:2648

memory/2648-0-0x000001DA36AF0000-0x000001DA36B12000-memory.dmp

Filesize
136KB

Download