General
-
Target
tmp
-
Size
440KB
-
Sample
220907-je1gpsbcf8
-
MD5
a79e9aff885b5aa305517c3836d10be1
-
SHA1
a71d4faf5b3d863144d361129c4f52b6e66de27d
-
SHA256
1c5bf7e3edbccd4fe44d97baba8529438169f346769e109b2b660d1b45b2a02b
-
SHA512
d8d7f5ed21a3c76c6ffa430f44f964d76529fb31c6eb4a838b5b74265a5c989d239111b530fb3673358ef70fc0a51e6adb0630dca0fbfe72a66b9802d2d9fd4f
-
SSDEEP
12288:d8WnxfgsRL4u/1AlLK6FRY2n8OPKxGvYmB:dnxgsRftD0C2nKG
Behavioral task
behavioral1
Sample
tmp.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
tmp.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
blustealer
https://api.telegram.org/bot5535376508:AAGIkj1WObA9laUkCoGdCF3fvIC_BvhvWso/sendMessage?chat_id=5379877658
Targets
Target
tmp
-
Score
6/10
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-