strela | 18129a10397d18f11260be2cc1e2a8f36b1c1207af28230e1979159b0528e790

Analysis

max time kernel
119s
max time network
18s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
16-07-2024 00:30

Target

3978ef3f7ff6c0a25459c3455741e220N.dll
Size

123KB
MD5

3978ef3f7ff6c0a25459c3455741e220
SHA1

bca34a4cb0e9e0af7bc2033118e070aab549aef1
SHA256

18129a10397d18f11260be2cc1e2a8f36b1c1207af28230e1979159b0528e790
SHA512

b6b5b10cb3f9a8d2c32d8c6be63f6c105f5bdb1b641809b13aae195cc0f42f67b57a9ef1121ca14b42ce28d6b7d950e34e54b6958d470b9f2883cf52eaccaa06
SSDEEP

3072:17mg6Kq+pRkO+cAj+fG9zvck75dbcLQfDY/uNiar8h/tOJvP:17m70T9fsTR75dgMAuwjK

Score

10^/10

strela stealer

Family

strela

45.9.74.32

Attributes

Detects Strela Stealer payload 1 IoCs

resource	yara_rule
behavioral1/memory/1700-0-0x0000000000200000-0x0000000000222000-memory.dmp	family_strela

Strela stealer
An info stealer targeting mail credentials first seen in late 2022.
stealer strela

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\3978ef3f7ff6c0a25459c3455741e220N.dll,#1
1⤵
PID:1700

memory/1700-0-0x0000000000200000-0x0000000000222000-memory.dmp

Filesize
136KB

Download