General
-
Target
newbin.exe
-
Size
364KB
-
Sample
210927-t8ga2aheel
-
MD5
79a97d24433615837251fe141b7174d4
-
SHA1
6629ebd021eefece2411f6253e2d0b2c7a04d577
-
SHA256
7603f8e827ab78d5ff15be1b04b9a02821edf3bf90475295e0c7c792bc328f63
-
SHA512
8906e0699dfa6d71e21896d1b2c72450b78b49c8d2ea6290f00676a632c3ba703817a43b9fef50e6e9838bf176848d146646bdfdbb1dfc63c43b55f36a8f75e8
Malware Config
Extracted
blustealer
Protocol: smtp- Host:
mail.enche.com - Port:
587 - Username:
[email protected] - Password:
Merchandise08012021
Targets
-
-
Target
newbin.exe
-
Size
364KB
-
MD5
79a97d24433615837251fe141b7174d4
-
SHA1
6629ebd021eefece2411f6253e2d0b2c7a04d577
-
SHA256
7603f8e827ab78d5ff15be1b04b9a02821edf3bf90475295e0c7c792bc328f63
-
SHA512
8906e0699dfa6d71e21896d1b2c72450b78b49c8d2ea6290f00676a632c3ba703817a43b9fef50e6e9838bf176848d146646bdfdbb1dfc63c43b55f36a8f75e8
Score10/10-
A310logger
A310 Logger is a .NET stealer/logger targeting passwords from browsers and email clients.
-
suricata: ET MALWARE a310Logger Stealer Exfil (SMTP)
suricata: ET MALWARE a310Logger Stealer Exfil (SMTP)
-
A310logger Executable
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads local data of messenger clients
Infostealers often target stored data of messaging applications, which can include saved credentials and account information.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses Microsoft Outlook profiles
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-