strela | 923843bef141b06ecbf191ce9c374010d6deeae080f7ccd32f42709da0117af1 | Triage

Analysis

max time kernel
119s
max time network
121s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
16-07-2024 08:11

Sharing

Report Analysis Logs

General

Target

914bc7a3ac74f6635aade1ec6d229c70N.dll
Size

123KB
MD5

914bc7a3ac74f6635aade1ec6d229c70
SHA1

8376872d7ad250446defc66481fb66820d5ffa98
SHA256

923843bef141b06ecbf191ce9c374010d6deeae080f7ccd32f42709da0117af1
SHA512

f40919c3640af01462ccec6a028d1fe63db8c7775c1a80794d39e16c722c6367368ea10453590404bf84a073e69dce7479696500eabc1eb75351ae46513e9103
SSDEEP

3072:ABCXzFimCGDEzm/cMEB3kEERm9z3zTgz8fIf:ABCpihgEa/c53JERm9HTyz

Score

10^/10

strela stealer

Malware Config

Extracted

Family

strela

C2

45.9.74.32

Attributes

url_path
/out.php
user_agent
Mozilla/4.0 (compatible)

Signatures

Detects Strela Stealer payload 1 IoCs

resource	yara_rule
behavioral1/memory/2324-0-0x0000000001F20000-0x0000000001F42000-memory.dmp	family_strela

Strela stealer
An info stealer targeting mail credentials first seen in late 2022.
stealer strela

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\914bc7a3ac74f6635aade1ec6d229c70N.dll,#1
1⤵
PID:2324

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2324-0-0x0000000001F20000-0x0000000001F42000-memory.dmp

Filesize
136KB

Download