strela | a2e6bd6582e3002fbd8230007f23047fcacd7ddc071a287e42f54cf4572db5fe | Triage

Submit
Reports

Overview

overview

Static

static

1

slopewell-...ne.bat

windows11-21h2-x64

Resubmissions

21-01-2025 14:40

250121-r1411syqdr 10

09-11-2023 10:14

231109-l9qxvsgg6v 10

Sharing

General

Target

slopewell-offculturedairplane.bat
Size

403KB
Sample

250121-r1411syqdr
MD5

41447efea024e6158c5711c4982af676
SHA1

b52c1b3849249cc0504b82833c8610b4167cd0b1
SHA256

a2e6bd6582e3002fbd8230007f23047fcacd7ddc071a287e42f54cf4572db5fe
SHA512

d5a29e3b264672b33049984030443f505b573137636420c9b29ddf258a118cb1089caa859ce8f89da2cc1d37607fc8454a19385b77926ea793a6c8c9f77ead1b
SSDEEP

6144:SNGQJKf11ZZewEP7eXGON4FhDGTcJoBY1zWi9qgsgUpQ47GK+:SZKd7ZewaON4FhDGTcJk7i9xbUc

Score

10^/10

strela defense_evasion stealer

Static task

static1

Behavioral task

behavioral1

Sample

slopewell-offculturedairplane.bat

Resource

win11-20241007-en

strela defense_evasion stealer

windows11-21h2-x64

12 signatures

600 seconds

Malware Config

Extracted

Family

strela

C2

193.109.85.77

Attributes

url_path
/server.php
user_agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537

Targets

- Target
  
  slopewell-offculturedairplane.bat
- Size
  
  403KB
- MD5
  
  41447efea024e6158c5711c4982af676
- SHA1
  
  b52c1b3849249cc0504b82833c8610b4167cd0b1
- SHA256
  
  a2e6bd6582e3002fbd8230007f23047fcacd7ddc071a287e42f54cf4572db5fe
- SHA512
  
  d5a29e3b264672b33049984030443f505b573137636420c9b29ddf258a118cb1089caa859ce8f89da2cc1d37607fc8454a19385b77926ea793a6c8c9f77ead1b
- SSDEEP
  
  6144:SNGQJKf11ZZewEP7eXGON4FhDGTcJoBY1zWi9qgsgUpQ47GK+:SZKd7ZewaON4FhDGTcJk7i9xbUc
Score

10^/10

strela defense_evasion stealer
- Detects Strela Stealer payload
- Strela family
  strela
- Strela stealer
  An info stealer targeting mail credentials first seen in late 2022.
  stealer strela
- Loads dropped DLL
- Deobfuscate/Decode Files or Information
  Payload decoded via CertUtil.
  defense_evasion
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Deobfuscate/Decode Files or Information

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

streladefense_evasionstealer

© 2018-2025

Terms | Privacy