Overview

overview

10

Static

static

10

cf67f07fdd...70.exe

windows7-x64

6

cf67f07fdd...70.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    cf67f07fddf91a4c144075e5e4c5988acfa30aaf439d0c31f5a309e094bc0270

  • Size

    381KB

  • Sample

    220824-dnf7jafdcq

  • MD5

    8a257db1ceb1a61d5f8f8707f7dfa52e

  • SHA1

    eaf8d7e81e0583fa4a474e4cae6723dcb0372edc

  • SHA256

    ff411b0d94bc4a188a0447bafda0c28bb745d4ed561e85f655864d1fb4c908f0

  • SHA512

    4c4ddbf46346be2bb90ca1bfd1bf2a4df793789eabeec576c2d392d7afecfb90cea33715990e59bb03803698108a58b73ef4fb97902652f5ca7ed2a1ca886efa

  • SSDEEP

    6144:7hJfyzdGogKgbUR/kFqdYfBuFZp1iY0aE1q7FRl62nX8riSugaogIIu40AW9g:9JfyxxfggRLUu/7LAyFRc2nsOpNnUg

Score
10/10
blustealercollection

Malware Config

Extracted

Family

blustealer

C2

https://api.telegram.org/bot5432809476:AAHtE5EDW3VQZZBLnEbEZpHEIJz5LbF0no/sendMessage?chat_id=5571556378

Targets

    • Target

      cf67f07fddf91a4c144075e5e4c5988acfa30aaf439d0c31f5a309e094bc0270

    • Size

      440KB

    • MD5

      cbe965aab3f57da4ceda5886e90db6b4

    • SHA1

      87d28f5af169e11cf570e5b709e407aebc33aa2c

    • SHA256

      cf67f07fddf91a4c144075e5e4c5988acfa30aaf439d0c31f5a309e094bc0270

    • SHA512

      e7b9a33974cba07f5d1430fdfaf0884e4210188049d9a3f56765f14a62d405bb8699d5c53fbb22d2c82d894f7ed7a6122a55ca43c7abcdc719d0b518f7cb4697

    • SSDEEP

      12288:RWnxfgsRL4u/1AlLK6FRY2n8OPKxGvYmB:OxgsRftD0C2nKG

    Score
    6/10
    collection

    • Accesses Microsoft Outlook profiles

      collection

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks