Strela Stealer Targets Europe Stealthily Via WebDav

SUMMARY :

Strela Stealer, first identified by DCSO in late 2022, is a type of information-stealing malware primarily designed to exfiltrate email account credentials from widely used email clients, including Microsoft Outlook and Mozilla Thunderbird. This malware initially targeted Spanish-speaking users through spam email campaigns containing malicious ISO attachments, which included a .lnk file and a polyglot file. When executed, the .lnk file triggered the polyglot file, executing both the lure html and Strela stealer DLL using “rundll32.exe”.

OPENCTI LABELS :

powershell,phishing,infostealer,dll file,webdav,zip file,webdav server,javascript code,strela


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


Strela Stealer Targets Europe Stealthily Via WebDav