Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240729-en, locale:en-us, os:windows7-x64, system
  • submitted
    30-07-2024 22:36

General

  • Target

    538786c447af61a6f93cc8afd52d43849ed7f8561d5c3fa1d7ae960bc65098fd.dll

  • Size

    164KB

  • MD5

    db0c33fe96ec030696eeea82ce52d905

  • SHA1

    356a392f3b3b69111298221cf614854a03ca489d

  • SHA256

    538786c447af61a6f93cc8afd52d43849ed7f8561d5c3fa1d7ae960bc65098fd

  • SHA512

    2c3dceba976094dde887d46cedf2714e52c5b2329409570547b4ea3144ce65f7a33b281eeb8b5bda509bc5a205bd16b61f2f3895affc65e546a3f0fb6e87e8c4

  • SSDEEP

    3072:IXh+3uJ/SUkX9aWKsIJmjMrYlbydi846TyBeKd//Sxc:IXNJEKsII5ydi8I/6+

Score
10/10

Malware Config

Extracted

Family

strela

Attributes
  • url_path

    /out.php

  • user_agent

    Mozilla/4.0 (compatible)

Signatures

  • Detects Strela Stealer payload 1 IoCs
  • Strela stealer

    An info stealer targeting mail credentials first seen in late 2022.

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\538786c447af61a6f93cc8afd52d43849ed7f8561d5c3fa1d7ae960bc65098fd.dll
    PID: 2380

Downloads

  • memory/2380-0-0x0000000000210000-0x0000000000232000-memory.dmp

    Filesize

    136KB