strela | 00a72e85af16f5eb6f7beb3331466ba5a28125511255b57f7e7c5639db369f75

Analysis

max time kernel
92s
max time network
97s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
16-07-2024 01:22

Target

4460462c39682fe4254a75b814033da0N.dll
Size

123KB
MD5

4460462c39682fe4254a75b814033da0
SHA1

1704b8908ff234c6558f7d5e978eaffc9e4dfb29
SHA256

00a72e85af16f5eb6f7beb3331466ba5a28125511255b57f7e7c5639db369f75
SHA512

fd76d426547efbbf8594355505f8aec5c8c37e9717c5607cfb1a2d44fd3da7f005a432a1699ab65bcbeb8e7963d95e1eeaa5a936d98133509575795a648e7778
SSDEEP

3072:uGpuyzxN++i83lH3h/YCPj/DCvrQX7ippZIqD/6+D6onwvR:KUo+R1H3Hj+vrQX7MT/XM

Score

10^/10

strela stealer

Family

strela

45.9.74.32

Attributes

Detects Strela Stealer payload 2 IoCs

resource	yara_rule
behavioral2/memory/1168-0-0x000001C9753D0000-0x000001C9753F2000-memory.dmp	family_strela
behavioral2/memory/1168-1-0x000001C9753D0000-0x000001C9753F2000-memory.dmp	family_strela

Strela stealer
An info stealer targeting mail credentials first seen in late 2022.
stealer strela

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\4460462c39682fe4254a75b814033da0N.dll,#1
1⤵
PID:1168

memory/1168-0-0x000001C9753D0000-0x000001C9753F2000-memory.dmp

Filesize
136KB

Download
memory/1168-1-0x000001C9753D0000-0x000001C9753F2000-memory.dmp

Filesize
136KB

Download