Overview

overview

10

Static

static

10

1316-63-0x...ry.exe

windows7-x64

6

1316-63-0x...ry.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1316-63-0x0000000000400000-0x000000000046E000-memory.dmp

  • Size

    440KB

  • Sample

    220829-gqechacfar

  • MD5

    c67bf7359df8f388847ed471a79d93d5

  • SHA1

    2be60c20a739e9b6736e3f92213e39c234e9bac0

  • SHA256

    74544779f20456a761f40feb845d32df7981b48f44bd2aa56242a74d3fbe5379

  • SHA512

    1d09f49b33ca678c2abfcac86cddaa29662d62b58739aba62fbe83330142a65c1bac6fcbb555c4df772a25aff04c302aa7f4497ad7b39b253c1d1265a2579182

  • SSDEEP

    12288:HWnxfgsRL4u/1AlLK6FRY2n8OPKxGvYmB:QxgsRftD0C2nKG

Score
10/10
blustealercollection

Malware Config

Extracted

Family

blustealer

C2

https://api.telegram.org/bot5450700540:AAEJyEEV8BKgYUKmnCPZxp19kD9GVSRup5M/sendMessage?chat_id=5422342474

Targets

    • Target

      1316-63-0x0000000000400000-0x000000000046E000-memory.dmp

    • Size

      440KB

    • MD5

      c67bf7359df8f388847ed471a79d93d5

    • SHA1

      2be60c20a739e9b6736e3f92213e39c234e9bac0

    • SHA256

      74544779f20456a761f40feb845d32df7981b48f44bd2aa56242a74d3fbe5379

    • SHA512

      1d09f49b33ca678c2abfcac86cddaa29662d62b58739aba62fbe83330142a65c1bac6fcbb555c4df772a25aff04c302aa7f4497ad7b39b253c1d1265a2579182

    • SSDEEP

      12288:HWnxfgsRL4u/1AlLK6FRY2n8OPKxGvYmB:QxgsRftD0C2nKG

    Score
    6/10
    collection

    • Accesses Microsoft Outlook profiles

      collection

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks