Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    17-10-2024 21:39

General

  • Target

    cd39bec789b79d9ea6a642ab2ddc93121f5596de21e3b13c335ceaddb83f2083.dll

  • Size

    238KB

  • MD5

    1125f2302b70b848aa4fac0f8e78a854

  • SHA1

    a6ae96bd91e2f40409a2fbc44a0f48e3eb53ff33

  • SHA256

    cd39bec789b79d9ea6a642ab2ddc93121f5596de21e3b13c335ceaddb83f2083

  • SHA512

    9dc5f1412ee367097d7770638e69ac6d971720b2dfae292a800615bb803ed7d7babcd5f6210635ecd02b1bdb5886f89a08bfa9e37d1bf15af31138056df037b5

  • SSDEEP

    3072:RwojVWGVHsECD24ohYOgiN5WV3uahEgl2ZCzRP2aurhES6laHQK8NeJyaJDoVVG8:20VWZEljWe2tuvrhEONugXDozR

Score
10/10

Malware Config

Extracted

Family

strela

C2

94.159.113.48

Attributes
  • url_path

    /server.php

Signatures

  • Detects Strela Stealer payload (2 IoCs)
  • Strela stealer

    An info stealer targeting mail credentials first seen in late 2022.

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\cd39bec789b79d9ea6a642ab2ddc93121f5596de21e3b13c335ceaddb83f2083.dll,#1
    PID: 2496

Network

MITRE ATT&CK Matrix

Downloads

  • memory/2496-0-0x0000000000120000-0x0000000000143000-memory.dmp

    Filesize

    140KB

  • memory/2496-1-0x0000000000120000-0x0000000000143000-memory.dmp

    Filesize

    140KB
