General

  • Target

    MELODYNE.rar

  • Size

    165.2MB

  • Sample

    241022-r4845sscrp

  • MD5

    856b9721814c4fdd56db57a611c438d1

  • SHA1

    19280eb40b05a0844a0341f72eeaa2e6c5887531

  • SHA256

    6a0ac5a6cef15e181e0808a20033f12af37c0ab5d80d6eba62ca3c98b430a740

  • SHA512

    d6ef923fe4277889713d6c6b55782dcd0e949342176c8652ffa38ebeb1b6adb513a6ab13b778714cb10b4ef65cfe16f8e5e1a7f812960582febc9df775a627ce

  • SSDEEP

    3145728:bMsJEqF+1ba31/lv88F28vve7G3n9GNiHX0dZSwTW9rxSQ8qb7Q9hiYLawK:bMRI+JaF/p88/uCX9Qi302wK9rxSQ8qf
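The digests above are what an analyst uses to confirm that a file in hand is the object this report describes. The script below is an added example, not part of the report or of the sandbox's own tooling: it computes the four digests with Python's standard library and matches them against the values listed on this page for the archive and for the files carried inside it. The hash values are copied from this page; the `identify` helper and its return shape are this example's own. ssdeep is left out because it needs the external ssdeep library rather than the standard library.

```python
import hashlib
import sys

# Digests copied from this report: the archive and the files it carries.
REPORT_IOCS = {
    "MELODYNE.rar": {
        "md5": "856b9721814c4fdd56db57a611c438d1",
        "sha1": "19280eb40b05a0844a0341f72eeaa2e6c5887531",
        "sha256": "6a0ac5a6cef15e181e0808a20033f12af37c0ab5d80d6eba62ca3c98b430a740",
    },
    "setup.exe": {
        "md5": "2b408f64508f89f31eea20586050fd85",
        "sha1": "8f26ee1f0d9714dbadd99ca6d26751a35dca3dcd",
        "sha256": "7c7b22145b0d6b10576d358a3eb903b642b71dcf374cb58d8a372aa23b3e4baa",
    },
    "$PLUGINSDIR/InstallOptions.dll": {
        "md5": "89351a0a6a89519c86c5531e20dab9ea",
        "sha1": "9e801aaaae9e70d8f7fc52f6f12cedc55e4c8a00",
        "sha256": "f530069ef87a1c163c4fd63a3d5b053420ce3d7a98739c70211b4a99f90d6277",
    },
    "$PLUGINSDIR/System.dll": {
        "md5": "bf712f32249029466fa86756f5546950",
        "sha1": "75ac4dc4808ac148ddd78f6b89a51afbd4091c2e",
        "sha256": "7851cb12fa4131f1fee5de390d650ef65cac561279f1cfe70ad16cc9780210af",
    },
    "$PLUGINSDIR/bass.dll": {
        "md5": "c0b11a7e60f69241ddcb278722ab962f",
        "sha1": "ff855961eb5ed8779498915bab3d642044fc9bb1",
        "sha256": "a8d979460e970e84eacce36b8a68ae5f6b9cc0fe16e05a6209b4ead52b81b021",
    },
}

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def digest_bytes(data: bytes) -> dict:
    """All four digests of an in-memory buffer, keyed by algorithm name."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in ALGORITHMS}


def digest_file(path: str, chunk_size: int = 1 << 20) -> dict:
    """Same as digest_bytes but streams the file, so a 165 MB archive is not
    read into memory at once."""
    hashers = {alg: hashlib.new(alg) for alg in ALGORITHMS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {alg: h.hexdigest() for alg, h in hashers.items()}


def identify(digests: dict) -> tuple:
    """Look the SHA-256 up in the report. Returns (target name, list of
    algorithms whose listed value disagrees with the computed one), or
    (None, []) when no listed target shares the SHA-256. A non-empty
    mismatch list means a transcription error somewhere in the table."""
    for name, expected in REPORT_IOCS.items():
        if digests["sha256"] == expected["sha256"]:
            mismatched = [alg for alg in expected if digests[alg] != expected[alg]]
            return name, mismatched
    return None, []


if __name__ == "__main__":
    # Usage: python check_hashes.py <file> [<file> ...]
    for arg in sys.argv[1:]:
        name, bad = identify(digest_file(arg))
        if name is None:
            print(f"{arg}: not listed in this report")
        elif bad:
            print(f"{arg}: SHA-256 matches {name} but {', '.join(bad)} differ")
        else:
            print(f"{arg}: matches {name}")
```

Matching on SHA-256 and then cross-checking MD5 and SHA-1 is deliberate: a file that agrees on SHA-256 but not on MD5 is far more likely to be a copying error in the table than a collision, and the script says so rather than silently reporting a match.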

Malware Config

Targets

    • Target

      setup.exe

    • Size

      82.5MB

    • MD5

      2b408f64508f89f31eea20586050fd85

    • SHA1

      8f26ee1f0d9714dbadd99ca6d26751a35dca3dcd

    • SHA256

      7c7b22145b0d6b10576d358a3eb903b642b71dcf374cb58d8a372aa23b3e4baa

    • SHA512

      cfa073a656dadb8455c6b9ef535858f87c747a42021b23a83596c71220e304ea61bfe4880f7f0df96f88d2ecca22d6d3b7b9a8dfbc01bd620fb9100ffe9b9290

    • SSDEEP

      1572864:m2n1DWpbcQb+1hekC/0LQJzBNEcxOrIP/YpUIHdwDVKdj0nnodsYAWbjZk:m2tWNkekDLqNEAAU4wha29sjZk

    • Detects Strela Stealer payload

    • Strela stealer

      An info stealer targeting mail credentials first seen in late 2022.

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops file in System32 directory

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      15KB

    • MD5

      89351a0a6a89519c86c5531e20dab9ea

    • SHA1

      9e801aaaae9e70d8f7fc52f6f12cedc55e4c8a00

    • SHA256

      f530069ef87a1c163c4fd63a3d5b053420ce3d7a98739c70211b4a99f90d6277

    • SHA512

      13168fa828b581383e5f64d3b54be357e98d2eb9362b45685e7426ffc2f0696ab432cc8a3f374ce8abd03c096f1662d954877afa886fc4aa74709e6044b75c08

    • SSDEEP

      384:/MnT0MKT/Xwr2izZQ86mpAT8F9lN8Ov0J:EQMKzwTFnVX8i0

    Score
    3/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      bf712f32249029466fa86756f5546950

    • SHA1

      75ac4dc4808ac148ddd78f6b89a51afbd4091c2e

    • SHA256

      7851cb12fa4131f1fee5de390d650ef65cac561279f1cfe70ad16cc9780210af

    • SHA512

      13f69959b28416e0b8811c962a49309dca3f048a165457051a28a3eb51377dcaf99a15e86d7eee8f867a9e25ecf8c44da370ac8f530eeae7b5252eaba64b96f4

    • SSDEEP

      192:0N2gQuUwXzioj4KALV2upWzVd7q1QDXEbBZ8KxHdGzyS/Kx:rJoiO8V2upW7vQjS/

    Score
    3/10
    • Target

      $PLUGINSDIR/bass.dll

    • Size

      107KB

    • MD5

      c0b11a7e60f69241ddcb278722ab962f

    • SHA1

      ff855961eb5ed8779498915bab3d642044fc9bb1

    • SHA256

      a8d979460e970e84eacce36b8a68ae5f6b9cc0fe16e05a6209b4ead52b81b021

    • SHA512

      cb040aca6592310bffb72c898b8eb3ca8a46ff2df50212634c637593c58683c8ab62e0188da7aea362e1b063ae5db55cf4bf474295922af0ab94a526465cc472

    • SSDEEP

      3072:/T2x0givE7LLCQv6vRoRJrdEQeX0m9JQfrob:/T2Ogt7ag65kNqjJDb

    Score
    3/10
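The three behavioural signatures reported for setup.exe (drops a file in System32, loads a DLL it dropped, reads the registry Uninstall keys) are each a rule over the process trace. The code below is an added example of how such rules are evaluated; it is not the sandbox's own rule engine and the event trace it runs on is constructed for illustration, not taken from this sample. The Uninstall key locations are the standard Windows ones under HKLM and HKCU (with the WOW6432Node variant); the event schema and signature names are this example's assumptions.

```python
import re
from collections import namedtuple

# kind is one of: file_create, image_load, reg_query
Event = namedtuple("Event", "pid kind path")

# Constructed trace for illustration only; not this sample's recorded behaviour.
SAMPLE_TRACE = [
    Event(1234, "file_create", r"C:\Users\Admin\AppData\Local\Temp\nsx1234.tmp\System.dll"),
    Event(1234, "image_load",  r"C:\Users\Admin\AppData\Local\Temp\nsx1234.tmp\System.dll"),
    Event(1234, "reg_query",   r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SomeApp"),
    Event(1234, "file_create", r"C:\Windows\System32\sample.dat"),
    Event(1234, "image_load",  r"C:\Windows\System32\kernel32.dll"),   # not dropped: no hit
    Event(5678, "reg_query",   r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run"),  # unrelated
]

# Registry locations Windows uses for installed-program entries.
UNINSTALL_KEY = re.compile(
    r"^HKEY_(LOCAL_MACHINE|CURRENT_USER)\\SOFTWARE\\(WOW6432Node\\)?"
    r"Microsoft\\Windows\\CurrentVersion\\Uninstall(\\|$)",
    re.IGNORECASE,
)
SYSTEM32 = re.compile(r"^[A-Z]:\\Windows\\System32\\", re.IGNORECASE)

SIG_DROP_SYSTEM32 = "Drops file in System32 directory"
SIG_LOAD_DROPPED = "Loads dropped DLL"
SIG_SOFTWARE_ENUM = "Checks installed software on the system"


def evaluate(trace):
    """Walk the trace once and return {pid: set of signature names}.

    'Loads dropped DLL' needs state: a DLL counts as dropped only if the
    same process created it earlier in the trace."""
    dropped = {}   # pid -> set of lower-cased paths that process created
    hits = {}
    for ev in trace:
        sigs = hits.setdefault(ev.pid, set())
        path = ev.path.lower()
        if ev.kind == "file_create":
            dropped.setdefault(ev.pid, set()).add(path)
            if SYSTEM32.match(ev.path):
                sigs.add(SIG_DROP_SYSTEM32)
        elif ev.kind == "image_load":
            if path.endswith(".dll") and path in dropped.get(ev.pid, set()):
                sigs.add(SIG_LOAD_DROPPED)
        elif ev.kind == "reg_query":
            if UNINSTALL_KEY.match(ev.path):
                sigs.add(SIG_SOFTWARE_ENUM)
    return hits


if __name__ == "__main__":
    for pid, sigs in evaluate(SAMPLE_TRACE).items():
        print(pid, sorted(sigs))
```

Two caveats a practitioner should keep in mind when reading the signature list. First, a real engine tracks dropped files across the whole process tree, not per pid as here, since a dropper frequently hands the DLL to a child. Second, an NSIS installer extracts its plugins (`$PLUGINSDIR` above) to a temp directory and loads them by design, so "Loads dropped DLL" is low-signal on its own, which is consistent with the 3/10 scores the plugin DLLs receive; the Strela Stealer detection on the payload is what carries the verdict.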

MITRE ATT&CK Enterprise v15

Tasks