Overview

overview

10

Static

static

3

4460462c39...0N.dll

windows7-x64

10

4460462c39...0N.dll

windows10-2004-x64

10

Analysis

  • max time kernel
    13s
  • max time network
    19s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    16/07/2024, 01:22

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    4460462c39682fe4254a75b814033da0N.dll

  • Size

    123KB

  • MD5

    4460462c39682fe4254a75b814033da0

  • SHA1

    1704b8908ff234c6558f7d5e978eaffc9e4dfb29

  • SHA256

    00a72e85af16f5eb6f7beb3331466ba5a28125511255b57f7e7c5639db369f75

  • SHA512

    fd76d426547efbbf8594355505f8aec5c8c37e9717c5607cfb1a2d44fd3da7f005a432a1699ab65bcbeb8e7963d95e1eeaa5a936d98133509575795a648e7778

  • SSDEEP

    3072:uGpuyzxN++i83lH3h/YCPj/DCvrQX7ippZIqD/6+D6onwvR:KUo+R1H3Hj+vrQX7MT/XM

Score
10/10
strelastealer

Malware Config

Extracted

Family

strela

C2

45.9.74.32

Attributes
  • url_path

    /out.php

  • user_agent

    Mozilla/4.0 (compatible)

Signatures

  • Detects Strela Stealer payload 2 IoCs
  • Strela stealer

    An info stealer targeting mail credentials first seen in late 2022.

    stealerstrela

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\4460462c39682fe4254a75b814033da0N.dll,#1
    1⤵
      PID:1512

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • memory/1512-1-0x0000000001CF0000-0x0000000001D12000-memory.dmp

            Filesize

            136KB

            Download

          • memory/1512-0-0x0000000001CF0000-0x0000000001D12000-memory.dmp

            Filesize

            136KB

            Download