General

  • Target

    Celemony.Melodyne.Studio.4.v4.0.4.001-R2R.rar

  • Size

    82.5MB

  • Sample

    240824-afv4yaxakp

  • MD5

    01b488069e2c06d801c8324f08da3f4b

  • SHA1

    deda3a73cb8ab648370b7587cf27fed343636f2d

  • SHA256

    96db525e17659e726cb2c4e3872e4678a309d067b336c80687ad051383c352c4

  • SHA512

    146ac8d4689f54c932a41eb2d5c5eec49c2b5ff33047049f705ac96bead904252482a12aee4d2f04526b651143ed31b1bb0c50c545faee8a51d6f64c88d9b49d

  • SSDEEP

    1572864:M2n1DWpbcQb+1hekC/0LQJzBNEcxOrIP/YpUIHdwDVKdj0nnodsYAWbjZb:M2tWNkekDLqNEAAU4wha29sjZb

Malware Config

Targets

    • Target

      Celemony.Melodyne.Studio.4.v4.0.4.001-R2R/setup.exe

    • Size

      82.5MB

    • MD5

      2b408f64508f89f31eea20586050fd85

    • SHA1

      8f26ee1f0d9714dbadd99ca6d26751a35dca3dcd

    • SHA256

      7c7b22145b0d6b10576d358a3eb903b642b71dcf374cb58d8a372aa23b3e4baa

    • SHA512

      cfa073a656dadb8455c6b9ef535858f87c747a42021b23a83596c71220e304ea61bfe4880f7f0df96f88d2ecca22d6d3b7b9a8dfbc01bd620fb9100ffe9b9290

    • SSDEEP

      1572864:m2n1DWpbcQb+1hekC/0LQJzBNEcxOrIP/YpUIHdwDVKdj0nnodsYAWbjZk:m2tWNkekDLqNEAAU4wha29sjZk

    • Detects Strela Stealer payload

    • Strela stealer

      An info stealer targeting mail credentials first seen in late 2022.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops file in System32 directory

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      15KB

    • MD5

      89351a0a6a89519c86c5531e20dab9ea

    • SHA1

      9e801aaaae9e70d8f7fc52f6f12cedc55e4c8a00

    • SHA256

      f530069ef87a1c163c4fd63a3d5b053420ce3d7a98739c70211b4a99f90d6277

    • SHA512

      13168fa828b581383e5f64d3b54be357e98d2eb9362b45685e7426ffc2f0696ab432cc8a3f374ce8abd03c096f1662d954877afa886fc4aa74709e6044b75c08

    • SSDEEP

      384:/MnT0MKT/Xwr2izZQ86mpAT8F9lN8Ov0J:EQMKzwTFnVX8i0

    Score
    3/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      bf712f32249029466fa86756f5546950

    • SHA1

      75ac4dc4808ac148ddd78f6b89a51afbd4091c2e

    • SHA256

      7851cb12fa4131f1fee5de390d650ef65cac561279f1cfe70ad16cc9780210af

    • SHA512

      13f69959b28416e0b8811c962a49309dca3f048a165457051a28a3eb51377dcaf99a15e86d7eee8f867a9e25ecf8c44da370ac8f530eeae7b5252eaba64b96f4

    • SSDEEP

      192:0N2gQuUwXzioj4KALV2upWzVd7q1QDXEbBZ8KxHdGzyS/Kx:rJoiO8V2upW7vQjS/

    Score
    3/10
    • Target

      $PLUGINSDIR/bass.dll

    • Size

      107KB

    • MD5

      c0b11a7e60f69241ddcb278722ab962f

    • SHA1

      ff855961eb5ed8779498915bab3d642044fc9bb1

    • SHA256

      a8d979460e970e84eacce36b8a68ae5f6b9cc0fe16e05a6209b4ead52b81b021

    • SHA512

      cb040aca6592310bffb72c898b8eb3ca8a46ff2df50212634c637593c58683c8ab62e0188da7aea362e1b063ae5db55cf4bf474295922af0ab94a526465cc472

    • SSDEEP

      3072:/T2x0givE7LLCQv6vRoRJrdEQeX0m9JQfrob:/T2Ogt7ag65kNqjJDb

    Score
    3/10

MITRE ATT&CK Enterprise v15

Tasks