Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240708-en locale:en-us os:windows7-x64 system
  • submitted
    07-12-2024 01:55

General

  • Target

    f799af5ea8d2d804e6b2b50f8ef4475bb7349138213679ea0b259feb051bb4e8.dll

  • Size

    506KB

  • MD5

    652b9993d7e6ae600397e16ae089aa84

  • SHA1

    2a9d6ffdbeaeac7a6195b0df83643e9957c3d614

  • SHA256

    f799af5ea8d2d804e6b2b50f8ef4475bb7349138213679ea0b259feb051bb4e8

  • SHA512

    5f9a85d86408b97a66c5249da4d41df313d581ac3e4c990215af938f657603505c5dc36688613d01719c70c969bd84c3a951431b157226fb4fce88bb0f0af7b0

  • SSDEEP

    12288:OiqCdVaBPnRxRQxQZULHJ0VehsTbnmVzowjoKmUSw+pl7GsCT:5qCdK/mxXHthsnszz09U2AN

Score
10/10

Malware Config

Signatures

  • Detects Strela Stealer payload (3 IoCs)
  • Strela family
  • Strela stealer

    An info stealer targeting mail credentials first seen in late 2022.

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\f799af5ea8d2d804e6b2b50f8ef4475bb7349138213679ea0b259feb051bb4e8.dll
    1⤵
      PID:1540

    Network

    MITRE ATT&CK Matrix


    Downloads

    • memory/1540-1-0x0000000001C70000-0x0000000001CD3000-memory.dmp

      Filesize

      396KB

    • memory/1540-0-0x0000000001C70000-0x0000000001CD3000-memory.dmp

      Filesize

      396KB

    • memory/1540-2-0x0000000001C70000-0x0000000001CD3000-memory.dmp

      Filesize

      396KB
