blustealer | 792621a22b3db912726e2b70b953bd948b86ef6970f380e3f5151d87cd9a8cab | Triage

Submit
Reports

Overview

overview

Static

static

792621a22b...ab.exe

windows7-x64

792621a22b...ab.exe

windows10-2004-x64

Sharing

General

Target

792621a22b3db912726e2b70b953bd948b86ef6970f380e3f5151d87cd9a8cab
Size

714KB
Sample

220804-q34btsfec9
MD5

e565160ae6aa45409dd8c2963f802700
SHA1

54b3f0e549b36e2a8bb91fae7c8e697174655382
SHA256

792621a22b3db912726e2b70b953bd948b86ef6970f380e3f5151d87cd9a8cab
SHA512

0e1e9a7784b914271acee6613a0ff6a0674ac4229e46f8974f643cdb00bb58f9e3d1eb73f6b14806e68b2d18297e3224cdff7e16b35058acb9d684623775c1e2

Score

10^/10

blustealer stealer

Static task

static1

Behavioral task

behavioral1

Sample

792621a22b3db912726e2b70b953bd948b86ef6970f380e3f5151d87cd9a8cab.exe

Resource

win7-20220715-en

blustealer stealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

792621a22b3db912726e2b70b953bd948b86ef6970f380e3f5151d87cd9a8cab.exe

Resource

win10v2004-20220722-en

blustealer stealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

blustealer

C2

https://api.telegram.org/bot5424772161:AAH6VQSqwjXeoEOdtG4956oBr1sLrNy1vkE/sendMessage?chat_id=2053442539

Targets

- Target
  
  792621a22b3db912726e2b70b953bd948b86ef6970f380e3f5151d87cd9a8cab
- Size
  
  714KB
- MD5
  
  e565160ae6aa45409dd8c2963f802700
- SHA1
  
  54b3f0e549b36e2a8bb91fae7c8e697174655382
- SHA256
  
  792621a22b3db912726e2b70b953bd948b86ef6970f380e3f5151d87cd9a8cab
- SHA512
  
  0e1e9a7784b914271acee6613a0ff6a0674ac4229e46f8974f643cdb00bb58f9e3d1eb73f6b14806e68b2d18297e3224cdff7e16b35058acb9d684623775c1e2
Score

10^/10

blustealer stealer
- BluStealer
  A Modular information stealer written in Visual Basic.
  stealer blustealer
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

blustealerstealer

behavioral2

blustealerstealer

© 2018-2025

Terms | Privacy