strela | 047544bd45d8fcf796798c7a8d9658d6b3c6a3eaea1797fc84629e25e3eecf85

Analysis

max time kernel
100s
max time network
101s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
23-07-2024 20:42

Target

0767f22f02713717a92c61c8f844cbe0N.dll
Size

185KB
MD5

0767f22f02713717a92c61c8f844cbe0
SHA1

e6638791005c7719790674f59620f126a61d7495
SHA256

047544bd45d8fcf796798c7a8d9658d6b3c6a3eaea1797fc84629e25e3eecf85
SHA512

74f9184fe51928449d20c9d1a2e3449d77026a912c03d3d938b1668c2623ba42ab544e9dfcf9f24e6f550ce4b469a878dc95a19827976f49b942e5a8ef233a7d
SSDEEP

3072:DC9HusLq1olGEqfRZ1/64AevhSW0VU31yUO5JFWy4poHgJZQ8v:DC9HusLqilG7Z1th+VMoUO5LWy4lZQK

Score

10^/10

strela stealer

Family

strela

45.9.74.36

Attributes

Detects Strela Stealer payload 1 IoCs

resource	yara_rule
behavioral2/memory/4024-0-0x00000000028D0000-0x00000000028F2000-memory.dmp	family_strela

Strela stealer
An info stealer targeting mail credentials first seen in late 2022.
stealer strela

C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\0767f22f02713717a92c61c8f844cbe0N.dll
1⤵
PID:4024

memory/4024-0-0x00000000028D0000-0x00000000028F2000-memory.dmp

Filesize
136KB

Download