General
Target: 4656-1-0x000001E5DA820000-0x000001E5DA843000-memory.dmp
Size: 140KB
MD5: 15c8bf7cf159e90c567883bf0fdc30bb
SHA1: b98bab663133774f44d5170328ecf95f4f31e4fd
SHA256: dd685314d286008c452938d47d4a1b0f3e9dd98038ee2c15bfcbab47cbc99ffa
SHA512: 83060c17d0c41be5c9fc3bb7b2bbaee05f9dff9cd009993fd474521acdb2097688e61e0176083d7f56b2dd2c7898db37e6465af5fe8b741c9ba359cf2a447af6
SSDEEP: 3072:n1B7Url+tJ2Um6bpRkN4JpuDw5PEA7DSZO2Jo10:nTq+tJ2UTbpHJpOix7NIX
Score: 10/10
Malware Config
Extracted
Family: strela
C2: 94.159.113.48
Attributes
url_path: /server.php
Signatures
-
Detects Strela Stealer payload 1 IoCs
Processes:
resource yara_rule sample family_strela -
Strela family
Files
4656-1-0x000001E5DA820000-0x000001E5DA843000-memory.dmp