blustealer | 6d22dfb53e173bdd14f24a6e08bd334596c89bd18519bfd5d9e1371991934ae9 | Triage

Submit
Reports

Overview

overview

Static

static

104bfff4e7...4d.exe

windows7_x64

3

104bfff4e7...4d.exe

windows10_x64

Sharing

General

Target

104bfff4e7a7f04efd06e865cce96c4d
Size

87KB
Sample

211020-n6b1mshaa9
MD5

104bfff4e7a7f04efd06e865cce96c4d
SHA1

f05c8e92b0cc671aa27606347026383cfe179309
SHA256

6d22dfb53e173bdd14f24a6e08bd334596c89bd18519bfd5d9e1371991934ae9
SHA512

9be13b498850a8223119afa3d8e26b1e1cf15a4dc60a3130120944868c1ab531a7d274bd95caf98594fda249364f02cbc971355358bac1cb08c9423c0980cec4

Score

10^/10

blustealer stealer

Static task

static1

Behavioral task

behavioral1

Sample

104bfff4e7a7f04efd06e865cce96c4d.exe

Resource

win7-en-20210920

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

104bfff4e7a7f04efd06e865cce96c4d.exe

Resource

win10-en-20211014

blustealer stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

blustealer

Credentials

Protocol: smtp
Host:
reptw.xyz
Port:
587
Username:
yellowpage@netjul.xyz
Password:
2HRgrc+HEz}8

Targets

- Target
  
  104bfff4e7a7f04efd06e865cce96c4d
- Size
  
  87KB
- MD5
  
  104bfff4e7a7f04efd06e865cce96c4d
- SHA1
  
  f05c8e92b0cc671aa27606347026383cfe179309
- SHA256
  
  6d22dfb53e173bdd14f24a6e08bd334596c89bd18519bfd5d9e1371991934ae9
- SHA512
  
  9be13b498850a8223119afa3d8e26b1e1cf15a4dc60a3130120944868c1ab531a7d274bd95caf98594fda249364f02cbc971355358bac1cb08c9423c0980cec4
Score

10^/10

blustealer stealer
- BluStealer
  A Modular information stealer written in Visual Basic.
  stealer blustealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

blustealerstealer

© 2018-2024

Terms | Privacy