Overview

overview

7

Static

static

3

bulletz le...er.dll

windows7-x64

1

bulletz le...er.dll

windows10-2004-x64

1

bulletz le...er.exe

windows7-x64

7

bulletz le...er.exe

windows10-2004-x64

7

bulletz le...ge.dll

windows7-x64

1

bulletz le...ge.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bulletz leaked.rar

  • Size

    17.6MB

  • Sample

    220923-kb3y4ahfcp

  • MD5

    1cda3248932591053d37ac58534fc4ad

  • SHA1

    e9f9c1398e85fa2de115d3de0f8bb3583e275522

  • SHA256

    0ff15d42660883e59e4e5f473a6f512c5dd2818d9c7cb970261e91ebb3c00947

  • SHA512

    46a4bc7997495f6725ccbd0718022101dd3eafb14c9bbd8aa2cdccc028a47cdd6c926d70f8250fa56f562df0f47db7ad862d302ccdd0cac8f6ce8d75402ffbd5

  • SSDEEP

    393216:h7edYgWpDo9VSnsEz+o7iSsy2TXW+azlg488hn/1kikk7aUJoli:hSdY7NQdMsyWqlhh/11vCli

Score
7/10
pyinstallerspywarestealer

Malware Config

Targets

    • Target

      bulletz leaked/bulletz leaked/builder.dll

    • Size

      1.1MB

    • MD5

      8673eae95d67e5eb19f0eca3111408e8

    • SHA1

      ad3e1ce93782537ffd3cd9e0bb9d30ae22d40ddb

    • SHA256

      576d2de2c9ef5bc1ea9bdd73ae8f408004260037c3b72227eed27e995166276d

    • SHA512

      65c4eadf448a643f45fa9a0d91497bb25af404c41a3a32686d9e99ba4f4e50783d73f5b13d5df505cc62c465be300746d84a2eaa8000531893cd0b19d6436239

    • SSDEEP

      24576:hUsmpWNSUFmCqJPNsTuJDYYviEcHy1t6Y:hSUQWSF8q

    Score
    1/10
    behavioral1behavioral2

    • Target

      bulletz leaked/bulletz leaked/bulletz builder.exe

    • Size

      16.9MB

    • MD5

      01a5a9e779cfb17c35133bbdbcd375aa

    • SHA1

      a1da1c3517aa4a889c4bf47717babdf61afe3120

    • SHA256

      165b6c7ee3726a94987d9dc9c245645acc83c923c749569be43317411dbde029

    • SHA512

      24654f7447ddd08ab7836c61ca55a0c9d3c26a59c3c40eea4cf1d78919c4c8ad00d0e0b8becf35a1bdc23ee2731805a1697cd347491005d02f0662f9fbccaeb0

    • SSDEEP

      393216:Z0XU1WE1FeREWOL2Vmd6m0/m3pz0GzajJBfrSsvEl1Z0hAYg:3jeRayVmdiKDEJB2sMl1ZL/

    Score
    7/10
    spywarestealer

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral3behavioral4

    • Target

      bulletz leaked/bulletz leaked/image.dll

    • Size

      1.1MB

    • MD5

      8673eae95d67e5eb19f0eca3111408e8

    • SHA1

      ad3e1ce93782537ffd3cd9e0bb9d30ae22d40ddb

    • SHA256

      576d2de2c9ef5bc1ea9bdd73ae8f408004260037c3b72227eed27e995166276d

    • SHA512

      65c4eadf448a643f45fa9a0d91497bb25af404c41a3a32686d9e99ba4f4e50783d73f5b13d5df505cc62c465be300746d84a2eaa8000531893cd0b19d6436239

    • SSDEEP

      24576:hUsmpWNSUFmCqJPNsTuJDYYviEcHy1t6Y:hSUQWSF8q

    Score
    1/10
    behavioral5behavioral6

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

1
T1081

Discovery

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Tasks