blustealer | 844f97490d18394f1ded6f22c04c9cbdcc9a07ec9c82fadc96e9566c13d74e0d | Triage

Submit
Reports

Overview

overview

Static

static

Revised Order.exe

windows7-x64

1

Revised Order.exe

windows10-2004-x64

Sharing

General

Target

Revised Order.z
Size

514KB
Sample

220831-pvtxrafhf3
MD5

1edad3436ff643f397f12a6aa55fcd7a
SHA1

e6e7388b3fde68bac0c4a01cbb6c0d5cf04369bb
SHA256

844f97490d18394f1ded6f22c04c9cbdcc9a07ec9c82fadc96e9566c13d74e0d
SHA512

128dbb40c2e4232e4313fb65b1a571e27cca601868ecc895523e458db2a5fb5535e72887b302ecba9333eb9d300b59be8d177cc95bdb27f355d15d4908277000
SSDEEP

12288:jkEY1mUTNcPd05MecYp3RLXPNkWXKavjmQHOl3iIJhQNX6aN0z05sK:jAEUD/c8RbCWXK0aiIJgXGzSsK

Score

10^/10

blustealer stormkitty collection stealer

Static task

static1

Behavioral task

behavioral1

Sample

Revised Order.exe

Resource

win7-20220812-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

Revised Order.exe

Resource

win10v2004-20220812-en

blustealer stormkitty collection stealer

windows10-2004-x64

15 signatures

150 seconds

Malware Config

Targets

- Target
  
  Revised Order.exe
- Size
  
  719KB
- MD5
  
  b08e56476b8ff662883f5774c842c94b
- SHA1
  
  4d4f8efd50e314753ce3196d843de956cf0db10a
- SHA256
  
  6566cde4ba73cc0316c3de8c2c23c90aa6f76bd4d824d45b5b5c1d23d2655d16
- SHA512
  
  10b6fb1979044f7e34242943a8e0a85358feeb5df942542afd6d4e519ab19ee1be10fe6bc283009b2c5242f83f45c5897a11da69ae3cd98c7856997caa553df7
- SSDEEP
  
  12288:KHSLWwbdVvpc++Zg/2PRmn0DYp3RbXpNkWXKavjkAH4l3iIlhQNXSmNy:cSLWeJpSZgdu8RNCWXKM0iIlgXO
Score

10^/10

blustealer stormkitty collection stealer
- BluStealer
  A Modular information stealer written in Visual Basic.
  stealer blustealer
- StormKitty
  StormKitty is an open source info stealer written in C#.
  stealer stormkitty
- StormKitty payload
- Accesses Microsoft Outlook profiles
  collection
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

blustealerstormkittycollectionstealer

© 2018-2025

Terms | Privacy