blustealer | 143f907099ab94069a33c8b30f9b124c85d8836ff3db9fcefef2e7220f41cdf6 | Triage

Submit
Reports

Overview

overview

Static

static

SecuriteIn...27.exe

windows7-x64

SecuriteIn...27.exe

windows10-2004-x64

Sharing

General

Target

SecuriteInfo.com.W32.AIDetectNet.01.27727.5740
Size

1.2MB
Sample

220729-hlb71sfgcm
MD5

e0c7918a16a8e9b865c0380cda868ad3
SHA1

e08b4392b8a4b2ab1fcad4b4d0d2a0cb1379b292
SHA256

143f907099ab94069a33c8b30f9b124c85d8836ff3db9fcefef2e7220f41cdf6
SHA512

33b5cf5ef076c31d21f336c85bc486c8d62fba40e0b553fa58d16573cffe19fb2849b66b6954cf598305f991f8d510e168d03fe71f93cbdd435ed58b02d62730

Score

10^/10

blustealer stealer

Static task

static1

Behavioral task

behavioral1

Sample

SecuriteInfo.com.W32.AIDetectNet.01.27727.exe

Resource

win7-20220718-en

blustealer stealer

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

SecuriteInfo.com.W32.AIDetectNet.01.27727.exe

Resource

win10v2004-20220722-en

blustealer stealer

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Extracted

Family

blustealer

Credentials

Protocol: smtp
Host:
satport.shop
Port:
587
Username:
[email protected]
Password:
e.,)09BL8xF7

Targets

- Target
  
  SecuriteInfo.com.W32.AIDetectNet.01.27727.5740
- Size
  
  1.2MB
- MD5
  
  e0c7918a16a8e9b865c0380cda868ad3
- SHA1
  
  e08b4392b8a4b2ab1fcad4b4d0d2a0cb1379b292
- SHA256
  
  143f907099ab94069a33c8b30f9b124c85d8836ff3db9fcefef2e7220f41cdf6
- SHA512
  
  33b5cf5ef076c31d21f336c85bc486c8d62fba40e0b553fa58d16573cffe19fb2849b66b6954cf598305f991f8d510e168d03fe71f93cbdd435ed58b02d62730
Score

10^/10

blustealer stealer
- BluStealer
  A Modular information stealer written in Visual Basic.
  stealer blustealer
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blustealerstealer

behavioral2

blustealerstealer

© 2018-2025

Terms | Privacy