Analysis
-
max time kernel
117s -
max time network
117s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system -
submitted
25-11-2024 02:24
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
48b51a6bedbda86249a1188c36a007f1ff8fdb3355a75b68eac7aa89ea5ad77a.dll
Resource
win7-20240903-en
windows7-x64
3 signatures
150 seconds
General
-
Target
48b51a6bedbda86249a1188c36a007f1ff8fdb3355a75b68eac7aa89ea5ad77a.dll
-
Size
138KB
-
MD5
990bc4b90a3d10f2ae085497a216e4f4
-
SHA1
1202567c49e3a8c05dca5c0ce82dc6659e425f95
-
SHA256
48b51a6bedbda86249a1188c36a007f1ff8fdb3355a75b68eac7aa89ea5ad77a
-
SHA512
edbcd7a25d42c828abf247a72b7dec03d208c5d9d2f7d18d1eeac1711444587bfcc79aec89301e3b41c14a61f37e78c92180c269722337ade3a588536d3a1140
-
SSDEEP
3072:jnJR01T5K/tVwrwnF28z5Qnfo9db/Vq1LAZmonIbTxaZeaL0Q:1R0/K/tVHhQfojbtqSdSTxaZJ
Malware Config
Extracted
Family
strela
C2
94.159.113.79
Attributes
-
url_path
/up.php
Signatures
-
Detects Strela Stealer payload 2 IoCs
resource yara_rule behavioral1/memory/2348-0-0x00000000001C0000-0x00000000001E3000-memory.dmp family_strela behavioral1/memory/2348-1-0x00000000001C0000-0x00000000001E3000-memory.dmp family_strela -
Strela family