Analysis Overview
score
10/10
SHA256
f9aae2ca83d60ae3a6e443d23c91672cda766f73003e4f3f0f99eec1f336d946
Threat Level: Known bad
The file Client.exe was found to be: Known bad.
Malicious Activity Summary
Detects Strela Stealer payload
Strela family
MITRE ATT&CK
N/A
Analysis: static1
Detonation Overview
Reported
2024-07-20 12:13
Signatures
Detects Strela Stealer payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Strela family
Analysis: behavioral1
Detonation Overview
Submitted
2024-07-20 12:13
Reported
2024-07-20 12:14
Platform
win10v2004-20240709-en
Max time kernel
44s
Max time network
36s
Command Line
"C:\Users\Admin\AppData\Local\Temp\Client.exe"
Signatures
N/A
Processes
C:\Users\Admin\AppData\Local\Temp\Client.exe
"C:\Users\Admin\AppData\Local\Temp\Client.exe"
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 97.17.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 13.107.21.237:443 | g.bing.com | tcp |
| US | 8.8.8.8:53 | 81.144.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 17.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.21.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 13.86.106.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 209.205.72.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.249.167.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 26.165.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 198.187.3.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.214.232.199.in-addr.arpa | udp |
Files
N/A