strela | 18607bb3c25ebdfa41ff8533f5edce31d08167d7f78dcb591f2b9e75e200b8dd

Analysis

max time kernel
95s
max time network
98s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
16-07-2024 13:08

Target

c4d7ab48fbc223ec581310036dae9910N.dll
Size

124KB
MD5

c4d7ab48fbc223ec581310036dae9910
SHA1

a101f3e05c88b01b2382e050fd6f239972048859
SHA256

18607bb3c25ebdfa41ff8533f5edce31d08167d7f78dcb591f2b9e75e200b8dd
SHA512

c8a61f42bdde79eafdb0a5bbcbad8ca0dd40dc1a60e02e28a187a1ad60b3105798a7cbdbc59873a8648a1c4dd1f851becbc48951671befa534f0913fb52617fe
SSDEEP

1536:kCTdyflz99McjLlVExXmRUt7Gdvd1VbN25QXGiI7n2wz73Up3vc4z7Ba4mlEKDJt:f4p99nnk2ut78GOk7973ez7oaKldq+

Score

10^/10

strela stealer

Family

strela

45.9.74.32

Attributes

Detects Strela Stealer payload 2 IoCs

resource	yara_rule
behavioral2/memory/1344-0-0x000001FDC08B0000-0x000001FDC08D2000-memory.dmp	family_strela
behavioral2/memory/1344-1-0x000001FDC08B0000-0x000001FDC08D2000-memory.dmp	family_strela

Strela stealer
An info stealer targeting mail credentials first seen in late 2022.
stealer strela

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\c4d7ab48fbc223ec581310036dae9910N.dll,#1
1⤵
PID:1344

memory/1344-0-0x000001FDC08B0000-0x000001FDC08D2000-memory.dmp

Filesize
136KB

Download
memory/1344-1-0x000001FDC08B0000-0x000001FDC08D2000-memory.dmp

Filesize
136KB

Download