General

  • Target

    tmp

  • Size

    440KB

  • Sample

    220907-je1gpsbcf8

  • MD5

    a79e9aff885b5aa305517c3836d10be1

  • SHA1

    a71d4faf5b3d863144d361129c4f52b6e66de27d

  • SHA256

    1c5bf7e3edbccd4fe44d97baba8529438169f346769e109b2b660d1b45b2a02b

  • SHA512

    d8d7f5ed21a3c76c6ffa430f44f964d76529fb31c6eb4a838b5b74265a5c989d239111b530fb3673358ef70fc0a51e6adb0630dca0fbfe72a66b9802d2d9fd4f

  • SSDEEP

    12288:d8WnxfgsRL4u/1AlLK6FRY2n8OPKxGvYmB:dnxgsRftD0C2nKG

Score
10/10

Malware Config

Extracted

Family

blustealer

C2

https://api.telegram.org/bot5535376508:AAGIkj1WObA9laUkCoGdCF3fvIC_BvhvWso/sendMessage?chat_id=5379877658
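The extracted C2 is a Telegram Bot API `sendMessage` URL, so the reusable indicators are the numeric bot id, the secret half of the token and the `chat_id`, not the host (`api.telegram.org` is legitimate and widely used). The script below is an added example, not part of the Triage report or of the BluStealer sample: it splits such a URL into its components, scans proxy log lines for any Telegram Bot API call and flags the ones that use a bot id from this report, and masks the secret so the indicator can be shared without circulating a live token. The log lines, source addresses and the second bot id are constructed for the example.

```python
import re
from dataclasses import dataclass
from typing import Iterable, List, Optional, Tuple
from urllib.parse import parse_qs, urlsplit

# Bot API path shape: /bot<numeric bot id>:<secret>/<method>
BOT_PATH = re.compile(
    r"^/bot(?P<bot_id>\d+):(?P<secret>[A-Za-z0-9_-]+)/(?P<method>[A-Za-z]+)/?$"
)
URL_IN_LINE = re.compile(r"https?://[^\s\"']+")

# Bot id taken from the extracted config above (the token half is deliberately not stored).
KNOWN_BOT_IDS = {"5535376508"}

# Constructed proxy log lines: "<timestamp> <source ip> <method> <url> <status>".
SAMPLE_PROXY_LOG = [
    "2022-09-07T11:02:13Z 10.0.0.12 GET https://api.telegram.org/bot5535376508:AAGIkj1WObA9laUkCoGdCF3fvIC_BvhvWso/sendMessage?chat_id=5379877658 200",
    "2022-09-07T11:02:15Z 10.0.0.12 GET https://www.microsoft.com/ 200",
    "2022-09-07T11:03:00Z 10.0.0.44 POST https://api.telegram.org/bot123456:ABCdef_ghi/sendDocument 200",
]


@dataclass
class TelegramC2:
    bot_id: str             # numeric bot id, safe to share as an indicator
    secret: str             # secret half of the token, treat as a credential
    method: str             # sendMessage, sendDocument, ...
    chat_id: Optional[str]  # destination chat when given in the query string


def parse_telegram_c2(url: str) -> Optional[TelegramC2]:
    """Return the Bot API components of url, or None if it is not a Telegram Bot API call."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        return None
    # Exact host match: api.telegram.org.evil.test must not pass.
    if parts.hostname is None or parts.hostname.lower() != "api.telegram.org":
        return None
    m = BOT_PATH.match(parts.path)
    if m is None:
        return None
    chat_id = parse_qs(parts.query).get("chat_id", [None])[0]
    return TelegramC2(m["bot_id"], m["secret"], m["method"], chat_id)


def redact(c2: TelegramC2) -> str:
    """Indicator string with all but the first four characters of the secret masked."""
    masked = c2.secret[:4] + "*" * (len(c2.secret) - 4)
    return f"bot{c2.bot_id}:{masked} {c2.method} chat_id={c2.chat_id}"


def find_telegram_bot_traffic(
    lines: Iterable[str], known_bot_ids: Iterable[str] = ()
) -> List[Tuple[str, TelegramC2, bool]]:
    """Yield (source ip, parsed call, matches a known bot id) for every Bot API URL in the log."""
    known = set(known_bot_ids)
    hits = []
    for line in lines:
        fields = line.split()
        src_ip = fields[1] if len(fields) > 1 else "?"
        for url in URL_IN_LINE.findall(line):
            c2 = parse_telegram_c2(url)
            if c2 is not None:
                hits.append((src_ip, c2, c2.bot_id in known))
    return hits


if __name__ == "__main__":
    for src_ip, c2, is_known in find_telegram_bot_traffic(SAMPLE_PROXY_LOG, KNOWN_BOT_IDS):
        tag = "KNOWN BluStealer bot" if is_known else "unattributed Telegram bot"
        print(f"{src_ip} -> {redact(c2)} [{tag}]")
```

Any Telegram Bot API call from a workstation deserves a look, because the host alone is not blockable without breaking legitimate Telegram clients; the bot id and `chat_id` are what tie traffic back to this sample. Note that the full token printed in the config above is a working credential for the attacker's bot, so share the masked form rather than the raw URL.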

Targets

    • Target

      tmp

    • Size

      440KB

    • MD5

      a79e9aff885b5aa305517c3836d10be1

    • SHA1

      a71d4faf5b3d863144d361129c4f52b6e66de27d

    • SHA256

      1c5bf7e3edbccd4fe44d97baba8529438169f346769e109b2b660d1b45b2a02b

    • SHA512

      d8d7f5ed21a3c76c6ffa430f44f964d76529fb31c6eb4a838b5b74265a5c989d239111b530fb3673358ef70fc0a51e6adb0630dca0fbfe72a66b9802d2d9fd4f

    • SSDEEP

      12288:d8WnxfgsRL4u/1AlLK6FRY2n8OPKxGvYmB:dnxgsRftD0C2nKG

    Score
    6/10
    • Accesses Microsoft Outlook profiles

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks