blustealer | 6566cde4ba73cc0316c3de8c2c23c90aa6f76bd4d824d45b5b5c1d23d2655d16 | Triage

Submit
Reports

Overview

overview

Static

static

Revised Order.exe

windows7-x64

Revised Order.exe

windows10-2004-x64

Sharing

General

Target

Revised Order.exe
Size

719KB
Sample

220812-g92xxahgar
MD5

b08e56476b8ff662883f5774c842c94b
SHA1

4d4f8efd50e314753ce3196d843de956cf0db10a
SHA256

6566cde4ba73cc0316c3de8c2c23c90aa6f76bd4d824d45b5b5c1d23d2655d16
SHA512

10b6fb1979044f7e34242943a8e0a85358feeb5df942542afd6d4e519ab19ee1be10fe6bc283009b2c5242f83f45c5897a11da69ae3cd98c7856997caa553df7

Score

10^/10

blustealer stormkitty collection stealer

Static task

static1

Behavioral task

behavioral1

Sample

Revised Order.exe

Resource

win7-20220715-en

blustealer stormkitty collection stealer

windows7-x64

15 signatures

150 seconds

Behavioral task

behavioral2

Sample

Revised Order.exe

Resource

win10v2004-20220721-en

blustealer stormkitty collection stealer

windows10-2004-x64

15 signatures

150 seconds

Malware Config

Targets

- Target
  
  Revised Order.exe
- Size
  
  719KB
- MD5
  
  b08e56476b8ff662883f5774c842c94b
- SHA1
  
  4d4f8efd50e314753ce3196d843de956cf0db10a
- SHA256
  
  6566cde4ba73cc0316c3de8c2c23c90aa6f76bd4d824d45b5b5c1d23d2655d16
- SHA512
  
  10b6fb1979044f7e34242943a8e0a85358feeb5df942542afd6d4e519ab19ee1be10fe6bc283009b2c5242f83f45c5897a11da69ae3cd98c7856997caa553df7
Score

10^/10

blustealer stormkitty collection stealer
- BluStealer
  A Modular information stealer written in Visual Basic.
  stealer blustealer
- StormKitty
  StormKitty is an open source info stealer written in C#.
  stealer stormkitty
- StormKitty payload
- Accesses Microsoft Outlook profiles
  collection
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blustealerstormkittycollectionstealer

behavioral2

blustealerstormkittycollectionstealer

© 2018-2025

Terms | Privacy