blustealer | dfdea8e5cc329e17847e129d8e515043b0dba31f1af48304f28dd181483607ae | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004-x64

Sharing

General

Target

dfdea8e5cc329e17847e129d8e515043b0dba31f1af48304f28dd181483607ae
Size

847KB
Sample

220815-km8nqabcg8
MD5

200bbb757192fb530d38711a112338ba
SHA1

259c77525cf161a376a07ed9a035c3064e2a1f17
SHA256

dfdea8e5cc329e17847e129d8e515043b0dba31f1af48304f28dd181483607ae
SHA512

b387ea9263598db899501f202f754e0bbc39b72be177857809a70fc4608310b46e00fe9d96e9cc00d2a2c9ce48bec764f0f4aaa989724d0079711b8cd37866ea

Score

10^/10

blustealer stormkitty collection stealer

Static task

static1

Behavioral task

behavioral1

Sample

dfdea8e5cc329e17847e129d8e515043b0dba31f1af48304f28dd181483607ae.exe

Resource

win10v2004-20220812-en

blustealer stormkitty collection stealer

windows10-2004-x64

17 signatures

150 seconds

Malware Config

Targets

- Target
  
  dfdea8e5cc329e17847e129d8e515043b0dba31f1af48304f28dd181483607ae
- Size
  
  847KB
- MD5
  
  200bbb757192fb530d38711a112338ba
- SHA1
  
  259c77525cf161a376a07ed9a035c3064e2a1f17
- SHA256
  
  dfdea8e5cc329e17847e129d8e515043b0dba31f1af48304f28dd181483607ae
- SHA512
  
  b387ea9263598db899501f202f754e0bbc39b72be177857809a70fc4608310b46e00fe9d96e9cc00d2a2c9ce48bec764f0f4aaa989724d0079711b8cd37866ea
Score

10^/10

blustealer stormkitty collection stealer
- BluStealer
  A Modular information stealer written in Visual Basic.
  stealer blustealer
- StormKitty
  StormKitty is an open source info stealer written in C#.
  stealer stormkitty
- StormKitty payload
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Accesses Microsoft Outlook profiles
  collection
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blustealerstormkittycollectionstealer

© 2018-2025

Terms | Privacy