strela | 6e345ea1116374fe8fdaa9226aa632933cf640b30e8b37773cb663c31a0af3d8

Analysis

max time kernel
91s
max time network
93s
platform
windows11-21h2_x64
resource
win11-20240709-en
resource tags

arch:x64arch:x86image:win11-20240709-enlocale:en-usos:windows11-21h2-x64system
submitted
15-07-2024 12:34

Target

6e345ea1116374fe8fdaa9226aa632933cf640b30e8b37773cb663c31a0af3d8.dll
Size

123KB
MD5

e9b5d04147ffd55f715594f92df601df
SHA1

e4ad84a1d7a4dd7bba04165fae1186000d3fb200
SHA256

6e345ea1116374fe8fdaa9226aa632933cf640b30e8b37773cb663c31a0af3d8
SHA512

766fec925cc7998334e264ec125d088e7b863da8856106fe7c26a0c60b4328f56730d29dc872e53c380e8c6a40f645cf782e177074e0d9ccf48aff8805acaef4
SSDEEP

3072:pC8SHpWrupUTAdwkNmFqsUZtSqeI9uT6K7b4rKly1kqec:pCJHpWruCaisSqeIa4raq

Score

10^/10

strela stealer

Family

strela

45.9.74.32

Attributes

Detects Strela Stealer payload 1 IoCs

resource	yara_rule
behavioral2/memory/3472-0-0x0000016E7A840000-0x0000016E7A862000-memory.dmp	family_strela

Strela stealer
An info stealer targeting mail credentials first seen in late 2022.
stealer strela

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\6e345ea1116374fe8fdaa9226aa632933cf640b30e8b37773cb663c31a0af3d8.dll,#1
1⤵
PID:3472

memory/3472-0-0x0000016E7A840000-0x0000016E7A862000-memory.dmp

Filesize
136KB

Download