strela | 74afb37f39e1f411785b6eaa23821e902eb1017e6e8086db75d67dfd80bf074d

Analysis

max time kernel
95s
max time network
96s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
15-07-2024 20:59

Target

0bc52050085600e1eb1764797caec0f0N.dll
Size

122KB
MD5

0bc52050085600e1eb1764797caec0f0
SHA1

00ca99117232439c1983ad2efa3713f59a078259
SHA256

74afb37f39e1f411785b6eaa23821e902eb1017e6e8086db75d67dfd80bf074d
SHA512

aa68df6a81c2610e1f86fbc496a1a2aac3f6a959cb2b02b64c1e50a9ad9033589cb07805eb5dd1e53d45a3ffb2c8f632bece00c74c9176c8ef521f987629d467
SSDEEP

1536:ywFzgBH5JjfTpO4Y7hZFUz51I1NrDXamVgaAb6NbPDST4XyojU1N94bv0hp9GkLn:ywFoH9OfPGc1NXkemMXyN1H4AYCB

Score

10^/10

strela stealer

Family

strela

45.9.74.32

Attributes

Detects Strela Stealer payload 2 IoCs

resource	yara_rule
behavioral2/memory/3008-0-0x0000023945580000-0x00000239455A2000-memory.dmp	family_strela
behavioral2/memory/3008-1-0x0000023945580000-0x00000239455A2000-memory.dmp	family_strela

Strela stealer
An info stealer targeting mail credentials first seen in late 2022.
stealer strela

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\0bc52050085600e1eb1764797caec0f0N.dll,#1
1⤵
PID:3008

memory/3008-0-0x0000023945580000-0x00000239455A2000-memory.dmp

Filesize
136KB

Download
memory/3008-1-0x0000023945580000-0x00000239455A2000-memory.dmp

Filesize
136KB

Download