Analysis
max time kernel: 95s
max time network: 96s
platform: windows10-2004_x64
resource: win10v2004-20240709-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240709-en, locale:en-us, os:windows10-2004-x64, system
submitted: 16-07-2024 05:25
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
75acfa64a817629076ebec92b25ada40N.dll
Resource
win7-20240705-en
windows7-x64
2 signatures
120 seconds
General
Target: 75acfa64a817629076ebec92b25ada40N.dll
Size: 122KB
MD5: 75acfa64a817629076ebec92b25ada40
SHA1: a0abe7cbe75f96e0c28c045bdb4839d95a7eaaed
SHA256: 47565cb157c0ea7bcd3f9cded96423f89de709b83a9e684b146f86883dc6f99e
SHA512: a73b5374da0cc78240b6f139666e9ed4512fd5ea0299b2d3644105ec40f007fa9996ea8db3689a8d9da5e82fe4901e20a6b3a5e61372dba4376f52becbb14deb
SSDEEP: 1536:r7XUdK9iTO+5lIXNkXsbnCDPLsyWcRfMmPdeTt9zvco+MvW937c5s9DnzPPxW62x:3qK95aIXdnCDzfxfMtzUzZQ5Wzn1Q3O
Malware Config
Extracted
Family: strela
C2: 45.9.74.32
Attributes
url_path: /out.php
user_agent: Mozilla/4.0 (compatible)
Signatures
Detects Strela Stealer payload (2 IoCs)
resource: behavioral2/memory/2420-0-0x000001A70CA50000-0x000001A70CA72000-memory.dmp, yara_rule: family_strela
resource: behavioral2/memory/2420-1-0x000001A70CA50000-0x000001A70CA72000-memory.dmp, yara_rule: family_strela