Overview

overview

10

Static

static

3

5ffd454f92...0N.dll

windows7-x64

10

5ffd454f92...0N.dll

windows10-2004-x64

10

Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    16-07-2024 03:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5ffd454f92efcb796e4c969bcdb07230N.dll

  • Size

    124KB

  • MD5

    5ffd454f92efcb796e4c969bcdb07230

  • SHA1

    04433b1e74d61cba5ddd82d3a4cf8583c95a26bb

  • SHA256

    ce5c4aeebc795da3d8e9e7f08114c694db9940fc2fbc28be100a9ad65058f461

  • SHA512

    ec1e9b4f4e913961e10b426b00a5473a18b9a2b0eedfa80e5b5aa57509ae10837076796370ace0dea28df9dc5b90288c9bcff90f7b44266bee4a05295ab414c4

  • SSDEEP

    3072:nER7Uw0QJ6A4uEAcNWWuXZpQtEwXUL7De9NRbRFHZql+IEgJ1AF:nER7UgD46HJwELeDzVIEgJI

Score
10/10
strelastealer

Malware Config

Extracted

Family

strela

C2

45.9.74.32

Attributes
  • url_path

    /out.php

  • user_agent

    Mozilla/4.0 (compatible)

Signatures

  • Detects Strela Stealer payload 1 IoCs
  • Strela stealer

    An info stealer targeting mail credentials first seen in late 2022.

    stealerstrela

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\5ffd454f92efcb796e4c969bcdb07230N.dll,#1
    1⤵
      PID:2076

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2076-0-0x00000000001D0000-0x00000000001F2000-memory.dmp

      Filesize

      136KB

      Download