Behavioral task: behavioral1
Sample: f1392d7a061333b7ae8cbece9ab87ee6_JaffaCakes118.exe
Resource: win7-20240903-en
General
Target: f1392d7a061333b7ae8cbece9ab87ee6_JaffaCakes118
Size: 3.5MB
MD5: f1392d7a061333b7ae8cbece9ab87ee6
SHA1: e41d9fe104f221c248343f06a2151b8396068797
SHA256: b5a83963be4babe4b7db2867a62484d5460a6d1b6851df9cecf47fed3ecd264e
SHA512: b8d034235f5e1615b67d86988945be2a6d5fcc220687807a310915990708775d4e8c38b78cd1e37825e42540b61f9bf61d2deaaef135f613d75fc5e8f52e3b3f
SSDEEP: 98304:F4uEIWNLQdS40pnBUFkq16fP6j3kf+zbPa:W9ztQ8BCKWkQ
Malware Config
Signatures
Detects Strela Stealer payload (1 IoC)
resource: yara_rule sample family_strela
Strela family
Unsigned PE (1 IoC): checks for missing Authenticode signature.
resource: f1392d7a061333b7ae8cbece9ab87ee6_JaffaCakes118
Files
f1392d7a061333b7ae8cbece9ab87ee6_JaffaCakes118.exe windows:4 windows x86 arch:x86
cfee3b7c553dd33fbaeffcd7e24c02c7
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
advapi32
RegCloseKey
RegQueryMultipleValuesW
RegCreateKeyExW
OpenProcessToken
GetUserNameW
LookupPrivilegeValueW
AdjustTokenPrivileges
RegCreateKeyW
RegEnumKeyW
RegQueryValueExW
RegOpenKeyW
RegQueryInfoKeyW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegOpenKeyA
RegEnumValueW
comctl32
ord17
ord16
CreateStatusWindowW
ImageList_Draw
ImageList_Destroy
ImageList_Add
ImageList_AddMasked
ImageList_SetBkColor
ImageList_Replace
ImageList_GetIconSize
ImageList_ReplaceIcon
ImageList_Create
ImageList_GetImageCount
ImageList_Remove
gdi32
Polyline
GetBkColor
SetPolyFillMode
Ellipse
Rectangle
SelectClipRgn
SetPixel
SetBrushOrgEx
CreateFontIndirectW
Polygon
MaskBlt
SetWindowExtEx
ExtFloodFill
SetViewportOrgEx
Pie
Arc
SetWindowOrgEx
GetNearestPaletteIndex
CreatePalette
CreatePatternBrush
CreateHatchBrush
ExtCreatePen
CreateDIBitmap
RectInRegion
CombineRgn
PtInRegion
GetClipBox
CreatePolygonRgn
SelectPalette
PatBlt
CreateICW
CreateBitmapIndirect
SetDIBits
CreateDCW
SetTextAlign
GetTextExtentPoint32W
CreateEnhMetaFileW
CloseEnhMetaFile
SetWinMetaFileBits
CopyEnhMetaFileW
PlayEnhMetaFile
GetEnhMetaFileHeader
GetWinMetaFileBits
GetMetaFileBitsEx
DeleteEnhMetaFile
SetMetaFileBitsEx
GetSystemPaletteEntries
GetStockObject
SetViewportExtEx
SetROP2
RoundRect
TranslateCharsetInfo
GetDeviceCaps
GetObjectW
BitBlt
DeleteDC
ExtSelectClipRgn
GetPixel
TextOutW
GetTextColor
MoveToEx
LineTo
CreatePen
SetBkMode
GetTextMetricsW
GdiFlush
SetMapMode
GetTextExtentPointW
CreateRectRgn
CreateSolidBrush
GetRegionData
OffsetRgn
ExtCreateRegion
GetBitmapBits
SetDIBitsToDevice
SetTextColor
GetDIBits
SetBkColor
CreateBitmap
GetPaletteEntries
CreateCompatibleBitmap
RealizePalette
CreateCompatibleDC
DeleteObject
GetRgnBox
CreateBrushIndirect
SelectObject
StretchDIBits
kernel32
DuplicateHandle
CreateThread
CopyFileW
SetCurrentDirectoryW
GetWindowsDirectoryW
LocalUnlock
LocalHandle
_lopen
ExpandEnvironmentStringsW
InterlockedDecrement
InterlockedExchange
GetSystemTimeAsFileTime
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
HeapFree
ExitThread
IsBadReadPtr
HeapAlloc
HeapReAlloc
ExitProcess
GetFileType
FlushFileBuffers
SetStdHandle
RemoveDirectoryW
GetFullPathNameW
GetCurrentDirectoryA
GetFullPathNameA
RtlUnwind
RaiseException
GetCPInfo
LCMapStringA
CreatePipe
GetStringTypeA
GetStringTypeW
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapDestroy
HeapCreate
IsBadWritePtr
HeapSize
CompareStringA
CompareStringW
GetTimeZoneInformation
SetEndOfFile
VirtualProtect
VirtualQuery
GetTimeFormatA
GetDateFormatA
SetUnhandledExceptionFilter
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
QueryPerformanceCounter
GetTickCount
IsBadCodePtr
GetOEMCP
SetEnvironmentVariableA
CreateProcessW
PeekNamedPipe
GlobalReAlloc
_lread
GlobalFree
GlobalUnlock
GlobalAlloc
_lclose
GlobalLock
GlobalSize
_lwrite
_llseek
OpenFile
LocalAlloc
SetThreadLocale
GetACP
GetLocaleInfoW
GetUserDefaultLCID
LocalFileTimeToFileTime
FileTimeToLocalFileTime
GetShortPathNameW
FileTimeToSystemTime
ResumeThread
SuspendThread
TlsFree
TlsAlloc
ReleaseMutex
DeleteCriticalSection
GetProcessAffinityMask
GetSystemInfo
GetExitCodeThread
CreateSemaphoreW
ReleaseSemaphore
SetThreadPriority
TlsSetValue
InterlockedIncrement
GetFileInformationByHandle
TlsGetValue
CreateMutexW
LoadLibraryW
GetCurrentThreadId
GetCurrentProcessId
WriteProfileStringW
LockResource
WritePrivateProfileStringW
TerminateProcess
GetExitCodeProcess
SizeofResource
Sleep
FatalAppExitW
OpenProcess
GetPrivateProfileStringW
OutputDebugStringW
GetComputerNameW
GetProfileStringW
SetEnvironmentVariableW
GetCurrentProcess
LoadResource
FindResourceW
GlobalMemoryStatus
GetEnvironmentVariableW
VirtualFree
GetTempPathA
GetTempFileNameA
CreateEventW
ResetEvent
DeviceIoControl
GetDriveTypeA
FormatMessageA
GetVersion
FreeLibrary
CreateFileMappingW
UnmapViewOfFile
MapViewOfFile
SetFileAttributesW
DeleteFileW
GetDiskFreeSpaceW
MoveFileW
SetVolumeLabelW
GetCurrentDirectoryW
GetTempPathW
CreateFileW
GetFileAttributesW
GetDriveTypeW
GetFileSize
GetTempFileNameW
GetLogicalDrives
CreateDirectoryW
FindNextFileW
FindFirstFileW
LocalFree
GetLastError
FormatMessageW
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
MultiByteToWideChar
WideCharToMultiByte
GetModuleFileNameW
GetVersionExW
TerminateThread
WaitForSingleObject
GetSystemTime
SetLastError
SystemTimeToFileTime
DeleteFileA
CloseHandle
GetFileTime
LoadLibraryA
FindClose
VirtualAlloc
GetProcAddress
FindFirstFileA
ReadFile
WriteFile
SetFileTime
SetFilePointer
CreateFileA
LCMapStringW
rpcrt4
UuidCreate
RpcStringFreeW
UuidToStringW
setupapi
SetupDiGetDeviceInstallParamsW
SetupDiCreateDeviceInfoListExW
SetupDiDestroyDeviceInfoList
SetupDiSetClassInstallParamsW
SetupDiOpenDeviceInfoW
SetupDiCallClassInstaller
shell32
SHGetMalloc
SHBrowseForFolderW
DragFinish
DragQueryPoint
DragQueryFileW
DragAcceptFiles
ExtractIconExW
ExtractIconW
ShellExecuteW
SHGetPathFromIDListW
user32
SetClipboardData
RegisterClipboardFormatW
EmptyClipboard
GetClipboardData
EnumClipboardFormats
GetClipboardFormatNameW
DefFrameProcW
TranslateMDISysAccel
GetMenuItemCount
DefMDIChildProcW
RedrawWindow
GetMenuStringW
CreateIcon
DdeFreeDataHandle
DdeDisconnect
DdeNameService
DdeConnect
DdePostAdvise
DdeClientTransaction
DdeCreateDataHandle
DdeUninitialize
DdeQueryStringW
DdeGetData
DdeGetLastError
DdeCreateStringHandleW
DdeInitializeW
DrawStateW
DrawEdge
ModifyMenuW
CheckMenuRadioItem
GetMenuState
CheckMenuItem
WaitForInputIdle
TranslateAcceleratorW
DestroyAcceleratorTable
CreateAcceleratorTableW
LoadAcceleratorsW
CreateCursor
DestroyCursor
MsgWaitForMultipleObjects
PostThreadMessageW
EndPaint
SetForegroundWindow
DrawIcon
BeginPaint
GetUpdateRect
SetMenu
DrawIconEx
DrawFrameControl
UnionRect
DrawTextW
DrawFocusRect
InflateRect
OffsetRect
CopyRect
SetTimer
KillTimer
keybd_event
CloseClipboard
IsClipboardFormatAvailable
OpenClipboard
GetForegroundWindow
GetDlgItem
CreateDialogParamW
ClientToScreen
GetUpdateRgn
ScreenToClient
TrackPopupMenu
FillRect
SetCapture
SetScrollRange
ChildWindowFromPointEx
CallNextHookEx
IsWindowEnabled
WindowFromPoint
SetParent
SetFocus
PtInRect
GetClassInfoW
GetScrollRange
GetCapture
ChildWindowFromPoint
GetScrollInfo
InvalidateRect
SetCursorPos
ScrollWindow
GetSysColor
GetActiveWindow
IsWindow
SetWindowsHookExW
UnhookWindowsHookEx
ReleaseCapture
IsWindowVisible
UpdateWindow
EnableWindow
SetScrollInfo
GetScrollPos
CallWindowProcW
GetWindow
DestroyWindow
SetWindowRgn
GetSystemMenu
GetWindowRect
IsIconic
IsZoomed
GetClientRect
CreateDialogIndirectParamW
BringWindowToTop
EnableMenuItem
SetWindowLongW
SetWindowPos
ShowWindow
DrawMenuBar
CreateWindowExW
AdjustWindowRectEx
SendMessageW
SetWindowTextW
DefWindowProcW
MoveWindow
SetCursor
GetWindowTextLengthW
wvsprintfW
MessageBeep
ExitWindowsEx
EnumWindows
GetDC
GetWindowTextW
SystemParametersInfoW
GetClassNameW
ReleaseDC
GetCursorPos
GetWindowThreadProcessId
LoadImageW
GetIconInfo
LoadIconW
GetSystemMetrics
CreateIconIndirect
GetMessageW
PostQuitMessage
UnregisterClassW
PostMessageW
GetKeyState
SetScrollPos
GetWindowDC
GetSubMenu
CreateMenu
AppendMenuW
CreatePopupMenu
RemoveMenu
InsertMenuW
DestroyMenu
GetFocus
SetMenuItemInfoW
GetParent
LoadCursorW
TranslateMessage
IsDialogMessageW
GetWindowLongW
PeekMessageW
LoadBitmapW
RegisterClassW
DestroyIcon
DispatchMessageW
CharToOemBuffA
OemToCharBuffA
GetDesktopWindow
MessageBoxW
LoadStringW
GetMessagePos
wininet
InternetOpenUrlW
InternetCloseHandle
InternetOpenW
InternetReadFile
winmm
mciGetErrorStringA
mciSendCommandW
comdlg32
ChooseFontW
GetSaveFileNameW
GetOpenFileNameW
PrintDlgW
CommDlgExtendedError
ChooseColorW
ole32
OleFlushClipboard
ReleaseStgMedium
RegisterDragDrop
CoUninitialize
CoInitialize
CoLockObjectExternal
RevokeDragDrop
OleUninitialize
OleInitialize
OleSetClipboard
OleGetClipboard
Sections
.text   Size: 996KB - Virtual size: 1000KB   Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
Size: 342KB - Virtual size: 344KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.data   Size: 135KB - Virtual size: 344KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   Size: 269KB - Virtual size: 268KB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
Size: 1.7MB - Virtual size: 1.7MB   Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.idata  Size: 11KB - Virtual size: 12KB   Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE