strela | dd06fbefe4de722a98f9207db3ffd03a57dc58c7ad7695a79d127c3fb573c38a

Analysis

max time kernel
134s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
27-10-2024 06:26

Target

2024-10-27_13c840cf26c70c1f7214d0a7a8543f12_bkransomware_icedid.exe
Size

2.8MB
MD5

13c840cf26c70c1f7214d0a7a8543f12
SHA1

93ba96839d56df5fb2d72b05a284a7cf165cfae4
SHA256

dd06fbefe4de722a98f9207db3ffd03a57dc58c7ad7695a79d127c3fb573c38a
SHA512

43a431bffba3efae74cb186d5e6bac7ab15c539761be75d5f86e1250c1f3eac970371959254976cdf6b18dced5d036b891076700bd1b134663bc97dea661a35c
SSDEEP

49152:Fe/6TJT0uQXa+6DokMm/lwH+vQStNdEwfQisgxoy34Z1y/iHyLNiXicJFFRGNzj3:F86TJT0uKalokMm/lwe7dEwfQisgxoyz

Score

10^/10

strela stealer

Detects Strela Stealer payload 2 IoCs

Processes:

resource	yara_rule
behavioral2/memory/1156-0-0x0000000000400000-0x00000000006DA000-memory.dmp	family_strela
behavioral2/memory/1156-1-0x0000000000400000-0x00000000006DA000-memory.dmp	family_strela

Strela family
strela
Strela stealer
An info stealer targeting mail credentials first seen in late 2022.
stealer strela

C:\Users\Admin\AppData\Local\Temp\2024-10-27_13c840cf26c70c1f7214d0a7a8543f12_bkransomware_icedid.exe
"C:\Users\Admin\AppData\Local\Temp\2024-10-27_13c840cf26c70c1f7214d0a7a8543f12_bkransomware_icedid.exe"
1⤵
PID:1156

memory/1156-0-0x0000000000400000-0x00000000006DA000-memory.dmp

Filesize
2.9MB

Download
memory/1156-1-0x0000000000400000-0x00000000006DA000-memory.dmp

Filesize
2.9MB

Download