Overview

overview

10

Static

static

a661148c26...62.exe

windows7-x64

10

a661148c26...62.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a661148c26dc8bd4992bbd23b350f062.exe

  • Size

    928KB

  • Sample

    220806-jspblaege8

  • MD5

    a661148c26dc8bd4992bbd23b350f062

  • SHA1

    35af577d4c5c0d94585fc41b2f1834f463727c20

  • SHA256

    0e184b1b8ebe69d4e06a8a71c53054b3713ec9f2a0a9f8988ce235d130ac549c

  • SHA512

    adb8d4c0a859acbb8c5cd7114d9a1f9233dce045be42e3224f62a08b4e000513788263a9ccd6c27919a0449437d843072f2c8d81e876ecc2220b695b5eebfafe

Score
10/10
blustealerstealer

Malware Config

Targets

    • Target

      a661148c26dc8bd4992bbd23b350f062.exe

    • Size

      928KB

    • MD5

      a661148c26dc8bd4992bbd23b350f062

    • SHA1

      35af577d4c5c0d94585fc41b2f1834f463727c20

    • SHA256

      0e184b1b8ebe69d4e06a8a71c53054b3713ec9f2a0a9f8988ce235d130ac549c

    • SHA512

      adb8d4c0a859acbb8c5cd7114d9a1f9233dce045be42e3224f62a08b4e000513788263a9ccd6c27919a0449437d843072f2c8d81e876ecc2220b695b5eebfafe

    Score
    10/10
    blustealerstealer

    • BluStealer

      A Modular information stealer written in Visual Basic.

      stealerblustealer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks