strela | d7d588b622ac79fc089ca242b0e9fa75ebaabc160330482494761d25cb7cb7e4 | Triage

Analysis

max time kernel
15s
max time network
16s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
16/07/2024, 06:08 UTC

Sharing

Report Analysis Logs

General

Target

7df4a5b6b717caf98d05f1b0b6641bf0N.dll
Size

125KB
MD5

7df4a5b6b717caf98d05f1b0b6641bf0
SHA1

dadf0550cf345541315dcba433affa51d0c44600
SHA256

d7d588b622ac79fc089ca242b0e9fa75ebaabc160330482494761d25cb7cb7e4
SHA512

8bb89640c4009f028ba58dd582378858cb05ec194a91d579ebbb92347556b328670d21abd16c061a419eb4b2820f2f0e6c79b44bd81b9c06f11790b63ca0a81d
SSDEEP

3072:g00+jYkUfsLVsleLj3E/CWbBuaH704bqW8M5t5E:gH0Qff+o/CWXQgq25tG

Score

10^/10

strela stealer

Malware Config

Extracted

Family

strela

C2

45.9.74.32

Attributes

url_path
/out.php
user_agent
Mozilla/4.0 (compatible)

Signatures

Detects Strela Stealer payload 1 IoCs

resource	yara_rule
behavioral1/memory/2280-0-0x00000000003D0000-0x00000000003F2000-memory.dmp	family_strela

Strela stealer
An info stealer targeting mail credentials first seen in late 2022.
stealer strela

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\7df4a5b6b717caf98d05f1b0b6641bf0N.dll,#1
1⤵
PID:2280

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2280-0-0x00000000003D0000-0x00000000003F2000-memory.dmp

Filesize
136KB

Download