General
-
Target
2308-0-0x00000000001A0000-0x00000000001C3000-memory.dmp
-
Size
140KB
-
MD5
2d89899dfb35a866d1126b52d79e97f2
-
SHA1
7028bce695c02fcbaa5b33c21d766b990bb6d2ca
-
SHA256
6ed9c1d559f2f5e35af9d48aa050528244c48b4c2c9c1f45930059132028f97e
-
SHA512
a8ebd55676addd02d60caa77a17699dbdec24e88632fd26648eec1b3b94773899c438684f3d110c213dbebfe3f0390dbdec0390309456c540cfb05a914006d7e
-
SSDEEP
3072:iGDrUrl+tJ2Um6bpRkN4JpuDwpK4EnSfO2r310:imq+tJ2UTbpHJpOy8WO
Score
10/10
Malware Config
Extracted
Family
strela
C2
94.159.113.86
Attributes
-
url_path
/server.php
Signatures
-
Detects Strela Stealer payload
1 IoCs
Processes:
resource: sample
yara_rule: family_strela
-
Strela family
Files
-
2308-0-0x00000000001A0000-0x00000000001C3000-memory.dmp