strela | f58dbf39497d9485fa7fdf88a5bc2c44f22284ca117437a8137070e4c0567135 | Triage

Submit
Reports

Overview

overview

Static

static

3

f58dbf3949...5N.dll

windows7-x64

f58dbf3949...5N.dll

windows10-2004-x64

Sharing

General

Target

f58dbf39497d9485fa7fdf88a5bc2c44f22284ca117437a8137070e4c0567135N
Size

458KB
Sample

241107-ljyvsayqe1
MD5

280dfd8638e01c98efffff6b3ff5c390
SHA1

49a1b97c2f393976dd59ebd3f11b00434e647396
SHA256

f58dbf39497d9485fa7fdf88a5bc2c44f22284ca117437a8137070e4c0567135
SHA512

7651cc6da136fc49dc33433750cf3ce0bbd53f0cf26b7b842e92dd6343cd66bf02455f4ba3bdf398fcce39a55d9a82be554c9c197352ec57d22e2e51bd19efac
SSDEEP

12288:LS1kO1HiE+DwaQyfcjb2gCo5TQsY4xg/LJvQ:LUiVktb2gxksY4WL

Score

10^/10

strela stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

f58dbf39497d9485fa7fdf88a5bc2c44f22284ca117437a8137070e4c0567135N.dll

Resource

win7-20240903-en

windows7-x64

3 signatures

120 seconds

Behavioral task

behavioral2

Sample

f58dbf39497d9485fa7fdf88a5bc2c44f22284ca117437a8137070e4c0567135N.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

3 signatures

120 seconds

Malware Config

Extracted

Family

strela

C2

94.159.113.82

Attributes

url_path
/server.php

Targets

- Target
  
  f58dbf39497d9485fa7fdf88a5bc2c44f22284ca117437a8137070e4c0567135N
- Size
  
  458KB
- MD5
  
  280dfd8638e01c98efffff6b3ff5c390
- SHA1
  
  49a1b97c2f393976dd59ebd3f11b00434e647396
- SHA256
  
  f58dbf39497d9485fa7fdf88a5bc2c44f22284ca117437a8137070e4c0567135
- SHA512
  
  7651cc6da136fc49dc33433750cf3ce0bbd53f0cf26b7b842e92dd6343cd66bf02455f4ba3bdf398fcce39a55d9a82be554c9c197352ec57d22e2e51bd19efac
- SSDEEP
  
  12288:LS1kO1HiE+DwaQyfcjb2gCo5TQsY4xg/LJvQ:LUiVktb2gxksY4WL
Score

10^/10

strela stealer
- Detects Strela Stealer payload
- Strela family
  strela
- Strela stealer
  An info stealer targeting mail credentials first seen in late 2022.
  stealer strela
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy