Analysis

  • max time kernel
    140s
  • max time network
    156s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    27-07-2024 01:08

General

  • Target

    983f02fdf375d84d856d23bab1c5db4e7ac6e15766e3eeeb5505242ae964bbb8.dll

  • Size

    160KB

  • MD5

    78941de5550e6f0d4ca9e003c7393e2b

  • SHA1

    32ad535b03d53fcc3e47188d658f27790fc3ac47

  • SHA256

    983f02fdf375d84d856d23bab1c5db4e7ac6e15766e3eeeb5505242ae964bbb8

  • SHA512

    5365bc5f694fe43e9e70d81638a863c4ba065b231c2dc064d892bbb19b360a2743db3f107cdc17927ee45a4b1a6feedad34c9077bc5f62b0596ffd33c2b8acdf

  • SSDEEP

    3072:VhCxkX/DfEPWxIl1Dfnmp4rxjPToi7mqdWZyud:+I/DsexITDprx78qmq0

Score
10/10

Malware Config

Extracted

Family

strela

Attributes
  • url_path

    /out.php

  • user_agent

    Mozilla/4.0 (compatible)

Signatures

  • Detects Strela Stealer payload 1 IoCs
  • Strela stealer

    An info stealer targeting mail credentials first seen in late 2022.

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\983f02fdf375d84d856d23bab1c5db4e7ac6e15766e3eeeb5505242ae964bbb8.dll
    1⤵
      PID:5044

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/5044-0-0x0000000002E50000-0x0000000002E72000-memory.dmp

      Filesize

      136KB