Overview

overview

10

Static

static

10

tmp.exe

windows7-x64

6

tmp.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    tmp

  • Size

    440KB

  • Sample

    220912-whsx9aheen

  • MD5

    d192f0d7f70c0f0f57e2af7d87ae3000

  • SHA1

    b7598c3c8754d21f5b34b7fc74ea4ff4053648a5

  • SHA256

    51ccdddefb214c8c80d410f0872ad18d2d08d2396fc49e0d850086f2dd7f4583

  • SHA512

    8e29d4929955b3362208c6ea8b819d5e3582ef017a28c7ff026d895b65d5ee9cd66fcfc310fa126cd9f56db0764e760406da1d07e2132c30464f76b49cdb5499

  • SSDEEP

    12288:qWnxfgsRL4u/1AlLK6FRY2n8OPKxGvYmBZ:BxgsRftD0C2nKGP

Score
10/10
blustealercollection

Malware Config

Extracted

Family

blustealer

C2

https://api.telegram.org/bot5310184325:AAFI3fSQ6VcGu_NSTmv7d-qK2WCVhYY_qfg/sendMessage?chat_id=1293496579

Targets

    • Target

      tmp

    • Size

      440KB

    • MD5

      d192f0d7f70c0f0f57e2af7d87ae3000

    • SHA1

      b7598c3c8754d21f5b34b7fc74ea4ff4053648a5

    • SHA256

      51ccdddefb214c8c80d410f0872ad18d2d08d2396fc49e0d850086f2dd7f4583

    • SHA512

      8e29d4929955b3362208c6ea8b819d5e3582ef017a28c7ff026d895b65d5ee9cd66fcfc310fa126cd9f56db0764e760406da1d07e2132c30464f76b49cdb5499

    • SSDEEP

      12288:qWnxfgsRL4u/1AlLK6FRY2n8OPKxGvYmBZ:BxgsRftD0C2nKGP

    Score
    6/10
    collection

    • Accesses Microsoft Outlook profiles

      collection

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks