Overview

overview

10

Static

static

3

7f6e1b6bf2...0N.dll

windows7-x64

10

7f6e1b6bf2...0N.dll

windows10-2004-x64

10

Analysis

  • max time kernel
    93s
  • max time network
    95s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    16-07-2024 06:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7f6e1b6bf261cc4761e73501fdde9a10N.dll

  • Size

    124KB

  • MD5

    7f6e1b6bf261cc4761e73501fdde9a10

  • SHA1

    9c8ae9cb61b2e6ea442fff9c90776b6010665fcf

  • SHA256

    3d10a35a8fac108ba9f0557dfdcbb558a80110ac2ee74ca8229eb1dfed2ed7a4

  • SHA512

    726fa6592ed6bae4685fea566d45f9a326f5d4c8434f4b13726ada02dadc9c831f3b6828b75e2c64c4b998fe4357ecd1c80923fc39521d0c11dc6c2ddf9cefcc

  • SSDEEP

    3072:CkbyEmXM2ESh2LfMg+cM01Efi4Sn0tl84q0fTaYxH61x8xsp2RbOuD0MJWP0EE:CkbyZXNEShG0tTrSn0tS4fT7ax8SkRbM

Score
10/10
strelastealer

Malware Config

Extracted

Family

strela

C2

45.9.74.32

Attributes
  • url_path

    /out.php

  • user_agent

    Mozilla/4.0 (compatible)

Signatures

  • Detects Strela Stealer payload 2 IoCs
  • Strela stealer

    An info stealer targeting mail credentials first seen in late 2022.

    stealerstrela

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\7f6e1b6bf261cc4761e73501fdde9a10N.dll,#1
    1⤵
      PID:3128

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3128-0-0x00000235ADF50000-0x00000235ADF72000-memory.dmp

      Filesize

      136KB

      Download

    • memory/3128-1-0x00000235ADF50000-0x00000235ADF72000-memory.dmp

      Filesize

      136KB

      Download