strela | d2dd072a45b4e1da1c20bd675ef1b0aeb2faa4f17013dfb54654ee7260c6def6 | Triage

Submit
Reports

Overview

overview

Static

static

3

d2dd072a45...6N.dll

windows7-x64

d2dd072a45...6N.dll

windows10-2004-x64

Sharing

General

Target

d2dd072a45b4e1da1c20bd675ef1b0aeb2faa4f17013dfb54654ee7260c6def6N.exe
Size

239KB
Sample

250217-jnzxjawkgl
MD5

4f3cfb44a90b9575a03b5861312828c0
SHA1

1e3b9f1a2e754ef3f2cf0d47d50c78463ebdd0a9
SHA256

d2dd072a45b4e1da1c20bd675ef1b0aeb2faa4f17013dfb54654ee7260c6def6
SHA512

8ede7feaf0ebadc9e3fa83df82181d8d739f6558d7af74919162fc89a2361383c165dd3ba35ac42d3f9061b50bf9ee11308fd9853e40f9e3e1e729bd8741df68
SSDEEP

3072:RB+UB25/XDXgRBBPQeGP7Cc8exDm0I7NYoCXYUzoU3o97b2KwJ2j6w9L9fD/9:RB+nXDXgRBBPQ5mc/aDU0Z9flVzfDF

Score

10^/10

strela discovery stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

d2dd072a45b4e1da1c20bd675ef1b0aeb2faa4f17013dfb54654ee7260c6def6N.dll

Resource

win7-20240903-en

windows7-x64

3 signatures

120 seconds

Behavioral task

behavioral2

Sample

d2dd072a45b4e1da1c20bd675ef1b0aeb2faa4f17013dfb54654ee7260c6def6N.dll

Resource

win10v2004-20250207-en

strela discovery stealer

windows10-2004-x64

6 signatures

120 seconds

Malware Config

Extracted

Family

strela

C2

45.9.74.176

Attributes

url_path
/server.php
user_agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

Targets

- Target
  
  d2dd072a45b4e1da1c20bd675ef1b0aeb2faa4f17013dfb54654ee7260c6def6N.exe
- Size
  
  239KB
- MD5
  
  4f3cfb44a90b9575a03b5861312828c0
- SHA1
  
  1e3b9f1a2e754ef3f2cf0d47d50c78463ebdd0a9
- SHA256
  
  d2dd072a45b4e1da1c20bd675ef1b0aeb2faa4f17013dfb54654ee7260c6def6
- SHA512
  
  8ede7feaf0ebadc9e3fa83df82181d8d739f6558d7af74919162fc89a2361383c165dd3ba35ac42d3f9061b50bf9ee11308fd9853e40f9e3e1e729bd8741df68
- SSDEEP
  
  3072:RB+UB25/XDXgRBBPQeGP7Cc8exDm0I7NYoCXYUzoU3o97b2KwJ2j6w9L9fD/9:RB+nXDXgRBBPQ5mc/aDU0Z9flVzfDF
Score

10^/10

strela stealer discovery
- Detects Strela Stealer payload
- Strela family
  strela
- Strela stealer
  An info stealer targeting mail credentials first seen in late 2022.
  stealer strela
- Downloads MZ/PE file
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

streladiscoverystealer

© 2018-2025

Terms | Privacy