General
-
Target
77053cffbf81fc755f5d119b907f63456ff18706a3274bf619315baf03411087
-
Size
187KB
-
Sample
220620-vmze6afgan
-
MD5
72048fbaab48b29537a9b8b6af6bd37d
-
SHA1
fb253b22ae678164dad4de1f8f472a1338c8582a
-
SHA256
77053cffbf81fc755f5d119b907f63456ff18706a3274bf619315baf03411087
-
SHA512
8909e498201a610020fd59e7bfc1340da71dc0ca8a4205adaba12151dd50a0cb0e88b0b358a361ecec5d6cefa5708bc7a19dea21e5b9d857d1057fce27640601
Static task
static1
Behavioral task
behavioral1
Sample
77053cffbf81fc755f5d119b907f63456ff18706a3274bf619315baf03411087.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
blustealer
Protocol: smtp- Host:
mail.juhun.shop - Port:
587 - Username:
[email protected] - Password:
(_ZH%s&u{1FF
Targets
-
-
Target
77053cffbf81fc755f5d119b907f63456ff18706a3274bf619315baf03411087
-
Size
187KB
-
MD5
72048fbaab48b29537a9b8b6af6bd37d
-
SHA1
fb253b22ae678164dad4de1f8f472a1338c8582a
-
SHA256
77053cffbf81fc755f5d119b907f63456ff18706a3274bf619315baf03411087
-
SHA512
8909e498201a610020fd59e7bfc1340da71dc0ca8a4205adaba12151dd50a0cb0e88b0b358a361ecec5d6cefa5708bc7a19dea21e5b9d857d1057fce27640601
Score10/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-