blustealer | cf30a2612dd37efc7dd30b05344149138d2ecf80225136deb483074bfc3f955c | Triage

Submit
Reports

Overview

overview

Static

static

cd101d3d19...45.exe

windows7-x64

cd101d3d19...45.exe

windows10-2004-x64

Sharing

General

Target

7991156128.zip
Size

856KB
Sample

220912-qghg8shagm
MD5

ffbc6a9a4f77994d7f39198e84276d58
SHA1

d18214ae4a92d2a1d83effeb544d27cc7ffbeb2c
SHA256

cf30a2612dd37efc7dd30b05344149138d2ecf80225136deb483074bfc3f955c
SHA512

ed445194741a58414b30e7a00fc0af8c71c4da6cefe8189ebbc9556804a8a90152c525ad39ced2bd6148b32e2d7f4de072ad3474228ef63dd16143e571a58568
SSDEEP

24576:9QPYc7enKb9uhZRRvnvuTVy4rUIzNUUsIjfkn9JM2zDJlw917jZ:KX7eW0ZRITVy4nzNUUs2f0MoojZ

Score

10^/10

blustealer collection stealer

Static task

static1

Behavioral task

behavioral1

Sample

cd101d3d19d5e797d9a151c9c4dd1db497f8e4ec680a7fb99a69b6af36634445.exe

Resource

win7-20220812-en

blustealer collection stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

cd101d3d19d5e797d9a151c9c4dd1db497f8e4ec680a7fb99a69b6af36634445.exe

Resource

win10v2004-20220812-en

blustealer collection stealer

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Extracted

Family

blustealer

C2

https://api.telegram.org/bot5450700540:AAEJyEEV8BKgYUKmnCPZxp19kD9GVSRup5M/sendMessage?chat_id=5422342474

Targets

- Target
  
  cd101d3d19d5e797d9a151c9c4dd1db497f8e4ec680a7fb99a69b6af36634445
- Size
  
  1.2MB
- MD5
  
  9525bd775591fc765660eeb64002741f
- SHA1
  
  0cb836092ba969107916c7445c790876a61912a6
- SHA256
  
  cd101d3d19d5e797d9a151c9c4dd1db497f8e4ec680a7fb99a69b6af36634445
- SHA512
  
  4ecea438e61f1b5decde0218ccf38146fadbda35531fe8b79ddd5cd47014d185cff8c6d94e6f4e1aaa7478d12c20b2c9d392ccbfa642be97c1b272003bb3df10
- SSDEEP
  
  24576:C5nVyP/M6tQ5Cr0qwvNIQFQdS6vK2NqM4:IVA/TtQclwvNICQpvK2NqF
Score

10^/10

blustealer collection stealer
- BluStealer
  A Modular information stealer written in Visual Basic.
  stealer blustealer
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blustealercollectionstealer

behavioral2

blustealercollectionstealer

© 2018-2025

Terms | Privacy