Overview

overview

10

Static

static

dridex

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    02a0b1c2cdeed6baf61d6e94cef63361c46607817ff7ae7ae0fc870471737e68

  • Size

    278KB

  • Sample

    220920-sf9anshagj

  • MD5

    01504654567e766fae3aa3032bd6961f

  • SHA1

    b1e527d712ede2057172b54178367f8a844f7183

  • SHA256

    02a0b1c2cdeed6baf61d6e94cef63361c46607817ff7ae7ae0fc870471737e68

  • SHA512

    54644c1b1c92dc4c923b225a351cbcafb469c8c35cc186f97bd7014af32a8e162d8d8b4e57515faac2a17e99fe9035f1e6208f81dbc5a962e9ac9e0743f847fc

  • SSDEEP

    6144:lmlBUNYOACHBwA4Oav5Atl40KBeQDhfdmWA:wlBUOCHBIAlCBeiU/

Score
10/10
blustealercollectionstealer

Malware Config

Extracted

Family

blustealer

C2

https://api.telegram.org/bot5351997584:AAEyh4aj9rNp8tJtHYZqoYG-PSzq-z5M18M/sendMessage?chat_id=1374455932

Targets

    • Target

      02a0b1c2cdeed6baf61d6e94cef63361c46607817ff7ae7ae0fc870471737e68

    • Size

      278KB

    • MD5

      01504654567e766fae3aa3032bd6961f

    • SHA1

      b1e527d712ede2057172b54178367f8a844f7183

    • SHA256

      02a0b1c2cdeed6baf61d6e94cef63361c46607817ff7ae7ae0fc870471737e68

    • SHA512

      54644c1b1c92dc4c923b225a351cbcafb469c8c35cc186f97bd7014af32a8e162d8d8b4e57515faac2a17e99fe9035f1e6208f81dbc5a962e9ac9e0743f847fc

    • SSDEEP

      6144:lmlBUNYOACHBwA4Oav5Atl40KBeQDhfdmWA:wlBUOCHBIAlCBeiU/

    Score
    10/10
    blustealercollectionstealer

    • BluStealer

      A Modular information stealer written in Visual Basic.

      stealerblustealer

    • Downloads MZ/PE file

    • Accesses Microsoft Outlook profiles

      collection

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Enterprise v6

Tasks