strela | ec7827fa1e5e749c06d754ed4aebaf4b64eea381682079068aa75ee4010b353b | Triage

Analysis

max time kernel
94s
max time network
101s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
16-07-2024 06:28

Sharing

Report Analysis Logs

General

Target

8133dd308d7dfd992acd3a5b18029bd0N.dll
Size

124KB
MD5

8133dd308d7dfd992acd3a5b18029bd0
SHA1

548251862bed78bb7e0567ec6c27e758ba058959
SHA256

ec7827fa1e5e749c06d754ed4aebaf4b64eea381682079068aa75ee4010b353b
SHA512

edd2e9880292f4d02bdb088d7061e42735f58d00bf45e46ba57bccdb2b81769c0c83aab8a295531d77fb84fb6739d02e30b74d54f30db9afbe2dc925c9a48323
SSDEEP

3072:LdQEkTsSpOl1T0eirh/9gYvtDsNKOYlbK:LdQE2sGODIeWNTOYFK

Score

10^/10

strela stealer

Malware Config

Extracted

Family

strela

C2

45.9.74.32

Attributes

url_path
/out.php
user_agent
Mozilla/4.0 (compatible)

Signatures

Detects Strela Stealer payload 1 IoCs

resource	yara_rule
behavioral2/memory/1872-0-0x0000022CFC700000-0x0000022CFC722000-memory.dmp	family_strela

Strela stealer
An info stealer targeting mail credentials first seen in late 2022.
stealer strela

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\8133dd308d7dfd992acd3a5b18029bd0N.dll,#1
1⤵
PID:1872

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1872-0-0x0000022CFC700000-0x0000022CFC722000-memory.dmp

Filesize
136KB

Download