General

  • Target

    commercial proposal for tender.exe

  • Size

    673KB

  • Sample

    220804-fc7lfsbac8

  • MD5

    ad50e25e4bd6ebfd000bd752f4460659

  • SHA1

    47d00be456692150792e4c0f0c604a8c82d06866

  • SHA256

    5ff833d3f79aaec098d8b25ac40b1c42963dd83daddea1c48c129e9a84491c68

  • SHA512

    e796da95447c102428ae008e680bacfc25ea0e51f0bd104e194f82a9bca7cefb0299c3b7fdef2ad4b4eb67875c8880219ae54c7605df399ec10038b9a589df71

Score
10/10

Malware Config

Extracted

Family

blustealer

Credentials

  • Protocol:
    smtp
  • Host:
    smtp.ionos.es
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    barkoner

Targets

    • Target

      commercial proposal for tender.exe

    Score
    10/10
    • BluStealer

      A modular information stealer written in Visual Basic.

    • Loads dropped DLL

    • Suspicious use of SetThreadContext
