General

  • Target

    OIP (2).jpeg

  • Size

    5KB

  • Sample

    240917-wht6bawfmj

  • MD5

    978390ff7fe0563b7c8619e3039c4139

  • SHA1

    0ddad0f5936e8c91e155b96e5a2aa09d02081cf8

  • SHA256

    75945f272a9f2aae5348c53e6bb66ed111411b1d54465b117d1e907238a81859

  • SHA512

    b0398db07ad12ed550e3377275e492a5ea2fa63cf1b20d229ef5ddab5d413994c4633b1410117d56653ef944ec878fb59ad8b31a969beede78d1045a9b2726ab

  • SSDEEP

    96:XhTEtmMdtgVskFvIy6dtmrT5LxOCVJASUwWrflkQORfKQh8jWCLLPuSWCJis9c5Q:xTXMdCKyjrTxpJ8wqSPRfKQ2HuS3isRR

Malware Config

Targets

    • Detects Strela Stealer payload

    • Strela stealer

      An info stealer targeting mail credentials first seen in late 2022.

    • Downloads MZ/PE file

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks