General
Target: 3064-1-0x0000000000120000-0x0000000000143000-memory.dmp
Size: 140KB
MD5: ca6fb43e0e863717845fa475c005cf57
SHA1: 397f5ffbf5015c9313c7d1745b926d56d20bd97c
SHA256: a2e7384060eafa8c3a9afd938d4fcff7ec05fbd4802f430511a94b958565a6e9
SHA512: 9f0e6e5a84a63c26399718e22588bcf6495c4eccfb7fbfdf346b84d4ef3b25fa25bf07abf970378ee9190067541e8f2e69f860f0fb15f420cfe4f9187b45d45c
SSDEEP: 3072:iGDrUrl+tJ2Um6bpRkN4JpuDwpWXQDqSnO2gw10:imq+tJ2UTbpHJpOyWJhP
Score: 10/10
Malware Config
Extracted
Family: strela
C2: 94.159.113.86
Attributes:
url_path: /server.php
Signatures
Detects Strela Stealer payload (1 IoCs)
Processes:
resource: sample, yara_rule: family_strela
Strela family
Files
3064-1-0x0000000000120000-0x0000000000143000-memory.dmp