strela | ec54302fa9d93f8ade25832f7bfb8c22b665d971f4287c9c5465c7c288f056aa

Analysis

max time kernel
93s
max time network
137s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
25-11-2024 05:16

Target

ec54302fa9d93f8ade25832f7bfb8c22b665d971f4287c9c5465c7c288f056aa.dll
Size

147KB
MD5

d215572a3879d40b815e99b5a311fc03
SHA1

74ff0e07879e690e4eae5e38f7085c7a3aba3e4c
SHA256

ec54302fa9d93f8ade25832f7bfb8c22b665d971f4287c9c5465c7c288f056aa
SHA512

0462cc75a7042c51df4e63980ebb69b1328a9a62ff39875ba1c2ad9b155d2b73db8e8586cce8f8770fb7f1ce2363fc27d1db8b53edde53aeeef4900fdd8d15f0
SSDEEP

3072:ptNVraccu1jqnl8r0Hlq+rLRFG5Q6YWeJtB8GQWfMl6JOx:fraICl84HlJfHG5Q6YVBzQ3kJ

Score

10^/10

strela stealer

Family

strela

94.159.113.79

Attributes

Detects Strela Stealer payload 2 IoCs

resource	yara_rule
behavioral2/memory/216-1-0x0000000001600000-0x0000000001623000-memory.dmp	family_strela
behavioral2/memory/216-2-0x0000000001600000-0x0000000001623000-memory.dmp	family_strela

Strela family
strela
Strela stealer
An info stealer targeting mail credentials first seen in late 2022.
stealer strela

C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\ec54302fa9d93f8ade25832f7bfb8c22b665d971f4287c9c5465c7c288f056aa.dll
1⤵
PID:216

memory/216-1-0x0000000001600000-0x0000000001623000-memory.dmp

Filesize
140KB

Download
memory/216-2-0x0000000001600000-0x0000000001623000-memory.dmp

Filesize
140KB

Download