General

  • Target

    R D X E 6 5.rar

  • Size

    10.7MB

  • MD5

    bf488a28c0aa529bf8ff779b673d58fb

  • SHA1

    687f8e7164f642d746a7c7b7dd5c1c70d1e1453c

  • SHA256

    f29f8a8d5cf10644a4fecee5eefacfdad688b0b96540cd68ea4ae7058bfe327b

  • SHA512

    3c02bd2718eaf58c7cd70c6cebf1c797a5cab5a684918eaa5068e836897c5ef4091f3dca1badb1bb86557a8ad103b1de39b5e19efd60029baf67f13244e0c542

  • SSDEEP

    196608:qfMWCbdJFQ4G78fFZ0sqBCaSqLHjgIoX8ExcBjP3hIksFQQdO5:hWCJfBFZ0sCd4IoMecV/hHsOQc

Score
10/10

Signatures

  • Detects Strela Stealer payload (1 IoC)
  • Strela family

Files

  • R D X E 6 5.rar
    .rar

    Password: 2024

  • R D X E 6 5/Client.config
    .exe windows:6 windows x86 arch:x86

    Password: 2024

    59bafed0fa1382619aa4b845f3f73552



  • R D X E 6 5/Roblox Executor.exe
    .exe windows:5 windows x86 arch:x86

    Password: 2024

    be41bf7b8cc010b614bd36bbca606973



  • $TEMP/Coated
  • $TEMP/Extensive
  • $TEMP/Franklin
  • $TEMP/Gmt
  • AdelaideMumbai/Dildos
  • AdelaideMumbai/Earrings
  • AdelaideMumbai/Form
  • AdelaideMumbai/Pads
  • AlikeIraqi/Compatibility
  • AlikeIraqi/Establish
  • AlikeIraqi/Negotiations
  • AlikeIraqi/Partition
  • AlikeIraqi/Racial
  • AsCamera/Sharing
  • DownArising/Appliance
  • DownArising/Freebsd
  • DownArising/Guard
  • DownArising/Min
  • DownArising/Perception
  • DownArising/Phantom
  • DownArising/Realized
  • DownArising/Serving
  • DownArising/Theoretical
  • ImLogin/Civil
  • ImLogin/Destroy
  • ImLogin/Fully
  • ImLogin/Metres
  • ImLogin/Mia
  • ImLogin/Surrounded
  • ImLogin/Varied
  • ImLogin/Wi
  • LimitingWorkflow/Buys
  • LimitingWorkflow/Cnn
  • LimitingWorkflow/Invoice
  • LimitingWorkflow/Ion
  • LimitingWorkflow/Keeping
  • R D X E 6 5/ai.cfg
  • R D X E 6 5/cacert.pem
  • R D X E 6 5/config.vdf