blustealer | 163a4345462ed09ccbbe9ef4296be3c9b0edf17e252cb422f8f0303aeddb3bca | Triage

Submit
Reports

Overview

overview

Static

static

Payment Slip.pdf.exe

windows7-x64

Payment Slip.pdf.exe

windows10-2004-x64

Sharing

General

Target

Payment Slip.pdf.exe
Size

1.3MB
Sample

220816-hzc2gadhbj
MD5

4c28e87b21490b34da1df162640c2ac0
SHA1

3dbf77540367aedf4a04e95d6c68b59db4401a15
SHA256

163a4345462ed09ccbbe9ef4296be3c9b0edf17e252cb422f8f0303aeddb3bca
SHA512

a665c259fb83e9b8451a316c6b914bce77328b1a00c6bf0a988f30512e7fda43105a1bb9ae81e3e4287d6cc04bdec8f7f366a3e5d69e0bad95463a7c824aff1c

Score

10^/10

blustealer stealer

Static task

static1

Behavioral task

behavioral1

Sample

Payment Slip.pdf.exe

Resource

win7-20220812-en

blustealer stealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

Payment Slip.pdf.exe

Resource

win10v2004-20220812-en

blustealer stealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

blustealer

Credentials

Protocol: smtp
Host:
mail.oiliskim.com
Port:
587
Username:
[email protected]
Password:
Alipapa18@

Targets

- Target
  
  Payment Slip.pdf.exe
- Size
  
  1.3MB
- MD5
  
  4c28e87b21490b34da1df162640c2ac0
- SHA1
  
  3dbf77540367aedf4a04e95d6c68b59db4401a15
- SHA256
  
  163a4345462ed09ccbbe9ef4296be3c9b0edf17e252cb422f8f0303aeddb3bca
- SHA512
  
  a665c259fb83e9b8451a316c6b914bce77328b1a00c6bf0a988f30512e7fda43105a1bb9ae81e3e4287d6cc04bdec8f7f366a3e5d69e0bad95463a7c824aff1c
Score

10^/10

blustealer stealer
- BluStealer
  A Modular information stealer written in Visual Basic.
  stealer blustealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

blustealerstealer

behavioral2

blustealerstealer

© 2018-2025

Terms | Privacy