Analysis
max time kernel: 13s
max time network: 19s
platform: windows7_x64
resource: win7-20240704-en
resource tags: arch:x64 arch:x86 image:win7-20240704-en locale:en-us os:windows7-x64 system
submitted: 25-07-2024 20:35
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
3a46401d1d5c386d8b305d281a05e88bd362176a8d3096f02d39d187ffa7dd4d.dll
Resource
win7-20240704-en
windows7-x64
2 signatures
150 seconds
General
Target: 3a46401d1d5c386d8b305d281a05e88bd362176a8d3096f02d39d187ffa7dd4d.dll
Size: 182KB
MD5: d8d34d04f9ca0c30a2acf72a09dc4dd1
SHA1: 774fea7023e3d6b79ab085bca7454e017f5427ff
SHA256: 3a46401d1d5c386d8b305d281a05e88bd362176a8d3096f02d39d187ffa7dd4d
SHA512: c0cf14be26112578a8c3adcf46776c1c1dd18f3258e06f526b3a2551c3b900b59d478cffeb3ea5c8c9c83569198275f32e848fb38eeb97dffbc99a598cf4369f
SSDEEP: 3072:li3qsEt2Nfzq+dIpHt9U2JN8iPt34PSp6QY7Lh+OUri3fOUtOl:li3qkcpHHU2J5N4sM+ifAl
Malware Config
Extracted
Family: strela
Attributes
url_path: /out.php
user_agent: Mozilla/4.0 (compatible)
Signatures
Detects Strela Stealer payload (2 IoCs)
resource | yara_rule
behavioral1/memory/2452-0-0x0000000000200000-0x0000000000222000-memory.dmp | family_strela
behavioral1/memory/2452-1-0x0000000000200000-0x0000000000222000-memory.dmp | family_strela