General

  • Target

    c185978bd0f3df3352e0e603f58abb30N.exe

  • Size

    275KB

  • Sample

    240716-pz7dmswclh

  • MD5

    c185978bd0f3df3352e0e603f58abb30

  • SHA1

    37df870dca9566e2518d8823dc6e94a15a954043

  • SHA256

    3d5e1d63df43557dd0045885eed82a2cb2c40d3b90b37d2873857cfe5bba5ae6

  • SHA512

    79156f7f791d988684f594e85cc900da6ceb4fe4f36c79b4a879b0d99b120cf13e741cb8b5a892b0d7493be1d16308cbe1e727a36a2b934d5baa62a0fd87f8a6

  • SSDEEP

    6144:YsSdQVmtWq9lS5I1FheAMJ3nC1eB8WVNlVobwUVkt2i7eLWZiNo19UB:YsSdQVmtWq9lS5I1FheAMJ3CGVfxtRB+

Score

  10/10

Malware Config

Extracted

  • Family

    strela

  • C2

    45.9.74.176

  • Attributes

    • url_path

      /server.php

    • user_agent

      Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537

Targets

    • Target

      c185978bd0f3df3352e0e603f58abb30N.exe

    Score

      10/10

    Signatures

    • Detects Strela Stealer payload

    • Strela stealer

      An info stealer targeting mail credentials, first seen in late 2022.

MITRE ATT&CK Matrix

Tasks