General

  • Target

    1c23bcade7d7de839620048af0a98c97.zip

  • Size

    985KB

  • Sample

    220729-mwdaaagga6

  • MD5

    f8b122da691f63af268e8a04b8cddf47

  • SHA1

    d10b5dd6f0284a20a49752e9a0f4915fb0c9960e

  • SHA256

    bd3c5bae9f1ec0fdae0aeb54c9037612213b6e9fcf94ed42da5656ccab289819

  • SHA512

    5a6db21b436d4a72284f3c802bc611d745426f704fa5b26e37594cfd0a5ff92f7fb502285315553260b0c104745fe4a2ccb90757532b55e3e4bfb14f64a68f1e

Score
10/10

Malware Config

Extracted

Family

blustealer

Credentials

  • Protocol:
    smtp
  • Host:
    mail.dinamiksan.com
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    ankara0606

Targets

    • Target

      mv GRETA - Bunker Quotation Request.exe

    • Size

      1.0MB

    • MD5

      cbfa66c8b577b871e78e9a9f05878e1b

    • SHA1

      2185593c603f23bff3010682bf824ba6f01a090d

    • SHA256

      ed2cc1531e6eb494f8eee05e24770a843f2e5d20652538d5fce7e88b42814c2d

    • SHA512

      c969a9b28ade731d80709b045ee9d0e5068cd5dd24228b13566d25896d19a8b4102fe030797db3c5c9ca43cbf861ffe9b0e4213c4d1695c6606e69e58a7ffd53

    Score
    10/10
    • BluStealer

      A modular information stealer written in Visual Basic.

    • Suspicious use of SetThreadContext
