blustealer | 81cdbea7a809be0f353a0d72397fb91821650770e736f9bd68f4501be64572d3 | Triage

Sharing

General

Target

Doc0627.exe
Size

866KB
Sample

220802-jncf8scfa8
MD5

1db4863326d564281893628c4ecbe87b
SHA1

55dae7e5b29e7e8c8aaeeb748807408d7f8bc3f4
SHA256

81cdbea7a809be0f353a0d72397fb91821650770e736f9bd68f4501be64572d3
SHA512

9c4c82e67dcedd4d27c7bd1230700c310eb111cf4a73a19e0de301f82f779851a3be991a9b90c96128c764c84595a1f4d049b4c99b0ba326737ff7e44ddd0feb

Score

10^/10

blustealer stealer

Malware Config

Targets

- Target
  
  Doc0627.exe
- Size
  
  866KB
- MD5
  
  1db4863326d564281893628c4ecbe87b
- SHA1
  
  55dae7e5b29e7e8c8aaeeb748807408d7f8bc3f4
- SHA256
  
  81cdbea7a809be0f353a0d72397fb91821650770e736f9bd68f4501be64572d3
- SHA512
  
  9c4c82e67dcedd4d27c7bd1230700c310eb111cf4a73a19e0de301f82f779851a3be991a9b90c96128c764c84595a1f4d049b4c99b0ba326737ff7e44ddd0feb
Score

10^/10

blustealer stealer
- BluStealer
  A Modular information stealer written in Visual Basic.
  stealer blustealer
- Uses the VBS compiler for execution
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scripting

Persistence

Privilege Escalation

Defense Evasion

Scripting

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blustealerstealer

behavioral2

blustealerstealer