Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

mv GRETA -...st.exe

windows7-x64

1

mv GRETA -...st.exe

windows10-1703-x64

10

mv GRETA -...st.exe

windows10-2004-x64

1

mv GRETA -...st.exe

windows11-21h2-x64

Analysis

  • max time kernel
    57s
  • max time network
    58s
  • platform
    windows10_x64
  • resource
    win10-20220414-en
  • resource tags

    arch:x64arch:x86image:win10-20220414-enlocale:en-usos:windows10-1703-x64system
  • submitted
    29/07/2022, 10:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    mv GRETA - Bunker Quotation Request.exe

  • Size

    1.0MB

  • MD5

    cbfa66c8b577b871e78e9a9f05878e1b

  • SHA1

    2185593c603f23bff3010682bf824ba6f01a090d

  • SHA256

    ed2cc1531e6eb494f8eee05e24770a843f2e5d20652538d5fce7e88b42814c2d

  • SHA512

    c969a9b28ade731d80709b045ee9d0e5068cd5dd24228b13566d25896d19a8b4102fe030797db3c5c9ca43cbf861ffe9b0e4213c4d1695c6606e69e58a7ffd53

Score
10/10
blustealerstealer

Malware Config

Extracted

Family

blustealer

Credentials

  • Protocol:     smtp
  • Host:
    mail.dinamiksan.com
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    ankara0606

Signatures

  • BluStealer

    A Modular information stealer written in Visual Basic.

    stealerblustealer
  • Suspicious use of SetThreadContext 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\mv GRETA - Bunker Quotation Request.exe
    "C:\Users\Admin\AppData\Local\Temp\mv GRETA - Bunker Quotation Request.exe"
    1⤵
    • Suspicious use of SetThreadContext
    • Suspicious use of WriteProcessMemory
    PID:1092
    • C:\Users\Admin\AppData\Local\Temp\mv GRETA - Bunker Quotation Request.exe
      "C:\Users\Admin\AppData\Local\Temp\mv GRETA - Bunker Quotation Request.exe"
      2⤵
      • Suspicious use of SetWindowsHookEx
      PID:2740

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1092-118-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-119-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-120-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-121-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-122-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-123-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-124-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-125-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-126-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-127-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-128-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-129-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-130-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-131-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-132-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-133-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-134-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-135-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-136-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-137-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-138-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-139-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-140-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-141-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-142-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-143-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-144-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-145-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-146-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-147-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-148-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-149-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-150-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-151-0x0000000000750000-0x000000000085A000-memory.dmp

    Filesize

    1.0MB

    Download

  • memory/1092-152-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-153-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-154-0x0000000005590000-0x0000000005A8E000-memory.dmp

    Filesize

    5.0MB

    Download

  • memory/1092-155-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-156-0x0000000005090000-0x0000000005122000-memory.dmp

    Filesize

    584KB

    Download

  • memory/1092-157-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-158-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-159-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-160-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-161-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-162-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-163-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-164-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-165-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-166-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-167-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-168-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-169-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-170-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-171-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-172-0x0000000002C10000-0x0000000002C1A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/1092-173-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-174-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-175-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-176-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-177-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-178-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-179-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-180-0x00000000054F0000-0x0000000005506000-memory.dmp

    Filesize

    88KB

    Download

  • memory/1092-181-0x0000000005520000-0x000000000552A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/1092-182-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1092-183-0x000000000A7F0000-0x000000000A8DC000-memory.dmp

    Filesize

    944KB

    Download

  • memory/1092-184-0x000000000A980000-0x000000000AA1C000-memory.dmp

    Filesize

    624KB

    Download

  • memory/1092-185-0x000000000AA20000-0x000000000AA86000-memory.dmp

    Filesize

    408KB

    Download

  • memory/1092-186-0x0000000001170000-0x0000000001214000-memory.dmp

    Filesize

    656KB

    Download

  • memory/1092-191-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2740-187-0x0000000000400000-0x000000000049E000-memory.dmp

    Filesize

    632KB

    Download

  • memory/2740-189-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2740-190-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2740-192-0x0000000077060000-0x00000000771EE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2740-228-0x0000000000400000-0x000000000049E000-memory.dmp

    Filesize

    632KB

    Download