Overview

overview

10

Static

static

SecuriteIn...06.exe

windows7-x64

10

SecuriteIn...06.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    SecuriteInfo.com.Trojan.MSIL.FormBook.IZFA.MTB.26806.4182

  • Size

    2.3MB

  • Sample

    220805-gkqtcaffd6

  • MD5

    c04e99a3f7c169773a1fec0d98be2d5f

  • SHA1

    219b3cf5e69a2aef57f4565ec914652f8d285612

  • SHA256

    3f38e461404e7085d3b0372b10dd26a7fc8397383afd51dc119705d003f3eade

  • SHA512

    63b52ae3d38a6d5e5c6ec89fa5cc77c6924d7593f75c9a7454a5690a6c9b22fd9de8c650cd9a62c5454cf8d1a3abbec2ebe7ebf51b3177cc2e1d808f186f62a3

Score
10/10
blustealercollectionstealer

Malware Config

Extracted

Family

blustealer

C2

https://api.telegram.org/bot5446953292:AAFkDq-HVam91vjV2SXkAWjbhfkBnxaPoa4/sendMessage?chat_id=1269002131

Targets

    • Target

      SecuriteInfo.com.Trojan.MSIL.FormBook.IZFA.MTB.26806.4182

    • Size

      2.3MB

    • MD5

      c04e99a3f7c169773a1fec0d98be2d5f

    • SHA1

      219b3cf5e69a2aef57f4565ec914652f8d285612

    • SHA256

      3f38e461404e7085d3b0372b10dd26a7fc8397383afd51dc119705d003f3eade

    • SHA512

      63b52ae3d38a6d5e5c6ec89fa5cc77c6924d7593f75c9a7454a5690a6c9b22fd9de8c650cd9a62c5454cf8d1a3abbec2ebe7ebf51b3177cc2e1d808f186f62a3

    Score
    10/10
    blustealercollectionstealer

    • BluStealer

      A Modular information stealer written in Visual Basic.

      stealerblustealer

    • Accesses Microsoft Outlook profiles

      collection

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks