Overview

overview

10

Static

static

3

c5ad8ebd5d...0N.dll

windows7-x64

10

c5ad8ebd5d...0N.dll

windows10-2004-x64

10

Analysis

  • max time kernel
    91s
  • max time network
    92s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    16-07-2024 13:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c5ad8ebd5d13762add019cc6ad5b1d80N.dll

  • Size

    125KB

  • MD5

    c5ad8ebd5d13762add019cc6ad5b1d80

  • SHA1

    4e587d0e8e26e12df0cdc3066f804dbb9bed8157

  • SHA256

    5cac84c8343b9eb4479fc4c6516cf5ef72eee48833106ec16db097fa4bac9eae

  • SHA512

    bc415272ee20dc0a780fec6b172b95c49c1ca04b5ee0207e11d09f744c48da72355eebe3ce600b2c5c226e67796657cb26fbc9f6979148bac6bbdf1dd108e357

  • SSDEEP

    3072:KEEcgUp6YCNDf6q6iiAXJkgriO3X//s43o5iryyQdHh+1B6hTIeNLHi:7p6QqLlkc3XM43orHhXIeNLHi

Score
10/10
strelastealer

Malware Config

Extracted

Family

strela

C2

45.9.74.32

Attributes
  • url_path

    /out.php

  • user_agent

    Mozilla/4.0 (compatible)

Signatures

  • Detects Strela Stealer payload 2 IoCs
  • Strela stealer

    An info stealer targeting mail credentials first seen in late 2022.

    stealerstrela

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\c5ad8ebd5d13762add019cc6ad5b1d80N.dll,#1
    1⤵
      PID:4868

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4868-0-0x000001D880200000-0x000001D880222000-memory.dmp

      Filesize

      136KB

      Download

    • memory/4868-1-0x000001D880200000-0x000001D880222000-memory.dmp

      Filesize

      136KB

      Download