blustealer | 4346e1523a778cd8a6a7a63a57668b6b14d238db58a0c9a43589533bbf183773 | Triage

Submit
Reports

Overview

overview

Static

static

5.exe

windows7-x64

5.exe

windows10-2004-x64

Sharing

General

Target

5
Size

891KB
Sample

220902-ncejnsfcb8
MD5

fc5989f3d22dbbdecea721a3a149a584
SHA1

3d590bf3e2bcb6b6fb8d706421048793c1c3a295
SHA256

4346e1523a778cd8a6a7a63a57668b6b14d238db58a0c9a43589533bbf183773
SHA512

1441802146f4d3bd4f93a0d732fff7765e58bdcf7e8088270fb839a793b27839dab23e2781c2d5d281b0471c5e2b6a35aa7fa08808d1e343dd66d9d3a9f3db84
SSDEEP

24576:CZ5KTFD1E9g8V3Ee9Y5+CEm6pUXY+mzo3bv:E5KTFDka+i6glmzM

Score

10^/10

blustealer stormkitty collection stealer

Static task

static1

Behavioral task

behavioral1

Sample

5.exe

Resource

win7-20220812-en

blustealer stormkitty collection stealer

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

5.exe

Resource

win10v2004-20220812-en

blustealer stormkitty collection stealer

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  5
- Size
  
  891KB
- MD5
  
  fc5989f3d22dbbdecea721a3a149a584
- SHA1
  
  3d590bf3e2bcb6b6fb8d706421048793c1c3a295
- SHA256
  
  4346e1523a778cd8a6a7a63a57668b6b14d238db58a0c9a43589533bbf183773
- SHA512
  
  1441802146f4d3bd4f93a0d732fff7765e58bdcf7e8088270fb839a793b27839dab23e2781c2d5d281b0471c5e2b6a35aa7fa08808d1e343dd66d9d3a9f3db84
- SSDEEP
  
  24576:CZ5KTFD1E9g8V3Ee9Y5+CEm6pUXY+mzo3bv:E5KTFDka+i6glmzM
Score

10^/10

blustealer stormkitty collection stealer
- BluStealer
  A Modular information stealer written in Visual Basic.
  stealer blustealer
- StormKitty
  StormKitty is an open source info stealer written in C#.
  stealer stormkitty
- StormKitty payload
- Accesses Microsoft Outlook profiles
  collection
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blustealerstormkittycollectionstealer

behavioral2

blustealerstormkittycollectionstealer

© 2018-2025

Terms | Privacy