blustealer | f24f8be855ccf6648a5c947f3710e652d083bf1ed86d73367e805556586cf6bf | Triage

Submit
Reports

Overview

overview

Static

static

SWIFT USD50000.exe

windows7-x64

SWIFT USD50000.exe

windows10-2004-x64

Sharing

General

Target

SWIFT USD50000.7z
Size

852KB
Sample

220817-j4zlpsfhb7
MD5

4ac60efc83509b325b61c8ad9c9a7323
SHA1

9ccbbc4f193bcfcbea0b859ab26e6d598edf2530
SHA256

f24f8be855ccf6648a5c947f3710e652d083bf1ed86d73367e805556586cf6bf
SHA512

47dd8ca4c91e79987ec9abea32d45df7b36ccd8ae2002eeaafab13fdbff22a313b5b0171ac871cb0f8f83087997c0a8cf17e30e40495269ecb431acee6a18c16
SSDEEP

12288:E2uwvt9/wAHMr8lzKv9VYqX1NA/paKmdMgjoXs0T6DcrjabgYjL+5MHm+HV1Keo:E40OECGYqXLA/0KMzo80SUjcgF+GNeo

Score

10^/10

blustealer stealer

Static task

static1

Behavioral task

behavioral1

Sample

SWIFT USD50000.exe

Resource

win7-20220812-en

blustealer stealer

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

SWIFT USD50000.exe

Resource

win10v2004-20220812-en

blustealer stealer

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

blustealer

Credentials

Protocol: smtp
Host:
mail.oiliskim.com
Port:
587
Username:
[email protected]
Password:
Ifeanyi@123

Targets

- Target
  
  SWIFT USD50000.exe
- Size
  
  1.1MB
- MD5
  
  e016090750d7ba7f0ea23beee330da11
- SHA1
  
  946fce67103c7a16711d9ba61e1b2f62236693b2
- SHA256
  
  8615bc30555f0ccd60466d99d1fe9e20fba142a3141ddd13f8354f564c47135a
- SHA512
  
  06f2f99e27a09ced989c49b7aa2c94f12d6d8d88467da9c7acadaba03856162d80b89b35d5e3f77410f4d4e4be882e6383221e047a35a1e6bdb48f20b11ab0ee
- SSDEEP
  
  24576:VgUeDECpYqVL//fOHDX804SjcgbwC0QpJ5Q:luvpYqVrfOHDspSjOCF5Q
Score

10^/10

blustealer stealer
- BluStealer
  A Modular information stealer written in Visual Basic.
  stealer blustealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

blustealerstealer

behavioral2

blustealerstealer

© 2018-2025

Terms | Privacy