Analysis
max time kernel: 92s
max time network: 134s
platform: windows10-2004_x64
resource: win10v2004-20241007-en
resource tags: arch:x64 arch:x86 image:win10v2004-20241007-en locale:en-us os:windows10-2004-x64 system
submitted: 24-11-2024 07:36
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
990bc4b90a3d10f2ae085497a216e4f4.dll
Resource
win7-20240903-en
windows7-x64
3 signatures
150 seconds
General
Target: 990bc4b90a3d10f2ae085497a216e4f4.dll
Size: 138KB
MD5: 990bc4b90a3d10f2ae085497a216e4f4
SHA1: 1202567c49e3a8c05dca5c0ce82dc6659e425f95
SHA256: 48b51a6bedbda86249a1188c36a007f1ff8fdb3355a75b68eac7aa89ea5ad77a
SHA512: edbcd7a25d42c828abf247a72b7dec03d208c5d9d2f7d18d1eeac1711444587bfcc79aec89301e3b41c14a61f37e78c92180c269722337ade3a588536d3a1140
SSDEEP: 3072:jnJR01T5K/tVwrwnF28z5Qnfo9db/Vq1LAZmonIbTxaZeaL0Q:1R0/K/tVHhQfojbtqSdSTxaZJ
Malware Config
Extracted
Family: strela
C2: 94.159.113.79
Attributes
url_path: /up.php
Signatures
Detects Strela Stealer payload (2 IoCs)
Processes:
resource: behavioral2/memory/1972-0-0x0000000000480000-0x00000000004A3000-memory.dmp, yara_rule: family_strela
resource: behavioral2/memory/1972-2-0x0000000000480000-0x00000000004A3000-memory.dmp, yara_rule: family_strela
Strela family