blustealer | 7ce909d1507de5f0f10b1d93a7b05362361592e7dfc03a5cb54499eeedbff92e | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-1703-x64

6

Sharing

General

Target

7ce909d1507de5f0f10b1d93a7b05362361592e7dfc03a5cb54499eeedbff92e
Size

440KB
Sample

220817-ee6lhadbd4
MD5

abbe2b671e0290c00ed5bd1cfcef23c9
SHA1

82545bacad44fff3b2c7bbe16a9e73143642e492
SHA256

7ce909d1507de5f0f10b1d93a7b05362361592e7dfc03a5cb54499eeedbff92e
SHA512

1571d751b7b183d066819de8e0fe01b46e7353b5992f911a810723f5e3c5cfab186e61f49bd52f36a4fedad68074ea5752753f9dbe5fc36eb60fd6dfd1645ccf
SSDEEP

12288:JWnxfgsRL4u/1AlLK6FRY2n8OPKxGvYmB:2xgsRftD0C2nKG

Score

10^/10

blustealer collection

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

7ce909d1507de5f0f10b1d93a7b05362361592e7dfc03a5cb54499eeedbff92e.exe

Resource

win10-20220812-en

windows10-1703-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

blustealer

C2

https://api.telegram.org/bot5446953292:AAFkDq-HVam91vjV2SXkAWjbhfkBnxaPoa4/sendMessage?chat_id=1269002131

Targets

- Target
  
  7ce909d1507de5f0f10b1d93a7b05362361592e7dfc03a5cb54499eeedbff92e
- Size
  
  440KB
- MD5
  
  abbe2b671e0290c00ed5bd1cfcef23c9
- SHA1
  
  82545bacad44fff3b2c7bbe16a9e73143642e492
- SHA256
  
  7ce909d1507de5f0f10b1d93a7b05362361592e7dfc03a5cb54499eeedbff92e
- SHA512
  
  1571d751b7b183d066819de8e0fe01b46e7353b5992f911a810723f5e3c5cfab186e61f49bd52f36a4fedad68074ea5752753f9dbe5fc36eb60fd6dfd1645ccf
- SSDEEP
  
  12288:JWnxfgsRL4u/1AlLK6FRY2n8OPKxGvYmB:2xgsRftD0C2nKG
Score

6^/10

collection
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy