General

  • Target

    MELODYNE.rar

  • Size

    165.2MB

  • Sample

    241022-r4845sscrp

  • MD5

    856b9721814c4fdd56db57a611c438d1

  • SHA1

    19280eb40b05a0844a0341f72eeaa2e6c5887531

  • SHA256

    6a0ac5a6cef15e181e0808a20033f12af37c0ab5d80d6eba62ca3c98b430a740

  • SHA512

    d6ef923fe4277889713d6c6b55782dcd0e949342176c8652ffa38ebeb1b6adb513a6ab13b778714cb10b4ef65cfe16f8e5e1a7f812960582febc9df775a627ce

  • SSDEEP

    3145728:bMsJEqF+1ba31/lv88F28vve7G3n9GNiHX0dZSwTW9rxSQ8qb7Q9hiYLawK:bMRI+JaF/p88/uCX9Qi302wK9rxSQ8qf

Malware Config

Targets

    • Target

      setup.exe

    • Size

      82.5MB

    • MD5

      2b408f64508f89f31eea20586050fd85

    • SHA1

      8f26ee1f0d9714dbadd99ca6d26751a35dca3dcd

    • SHA256

      7c7b22145b0d6b10576d358a3eb903b642b71dcf374cb58d8a372aa23b3e4baa

    • SHA512

      cfa073a656dadb8455c6b9ef535858f87c747a42021b23a83596c71220e304ea61bfe4880f7f0df96f88d2ecca22d6d3b7b9a8dfbc01bd620fb9100ffe9b9290

    • SSDEEP

      1572864:m2n1DWpbcQb+1hekC/0LQJzBNEcxOrIP/YpUIHdwDVKdj0nnodsYAWbjZk:m2tWNkekDLqNEAAU4wha29sjZk

    • Detects Strela Stealer payload

    • Strela stealer

      An info stealer targeting mail credentials first seen in late 2022.

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops file in System32 directory

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      15KB

    • MD5

      89351a0a6a89519c86c5531e20dab9ea

    • SHA1

      9e801aaaae9e70d8f7fc52f6f12cedc55e4c8a00

    • SHA256

      f530069ef87a1c163c4fd63a3d5b053420ce3d7a98739c70211b4a99f90d6277

    • SHA512

      13168fa828b581383e5f64d3b54be357e98d2eb9362b45685e7426ffc2f0696ab432cc8a3f374ce8abd03c096f1662d954877afa886fc4aa74709e6044b75c08

    • SSDEEP

      384:/MnT0MKT/Xwr2izZQ86mpAT8F9lN8Ov0J:EQMKzwTFnVX8i0

    Score
    3/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      bf712f32249029466fa86756f5546950

    • SHA1

      75ac4dc4808ac148ddd78f6b89a51afbd4091c2e

    • SHA256

      7851cb12fa4131f1fee5de390d650ef65cac561279f1cfe70ad16cc9780210af

    • SHA512

      13f69959b28416e0b8811c962a49309dca3f048a165457051a28a3eb51377dcaf99a15e86d7eee8f867a9e25ecf8c44da370ac8f530eeae7b5252eaba64b96f4

    • SSDEEP

      192:0N2gQuUwXzioj4KALV2upWzVd7q1QDXEbBZ8KxHdGzyS/Kx:rJoiO8V2upW7vQjS/

    Score
    3/10
    • Target

      $PLUGINSDIR/bass.dll

    • Size

      107KB

    • MD5

      c0b11a7e60f69241ddcb278722ab962f

    • SHA1

      ff855961eb5ed8779498915bab3d642044fc9bb1

    • SHA256

      a8d979460e970e84eacce36b8a68ae5f6b9cc0fe16e05a6209b4ead52b81b021

    • SHA512

      cb040aca6592310bffb72c898b8eb3ca8a46ff2df50212634c637593c58683c8ab62e0188da7aea362e1b063ae5db55cf4bf474295922af0ab94a526465cc472

    • SSDEEP

      3072:/T2x0givE7LLCQv6vRoRJrdEQeX0m9JQfrob:/T2Ogt7ag65kNqjJDb

    Score
    3/10

MITRE ATT&CK Enterprise v15

Tasks
