blustealer | 42263e557ad50b22270aa78bc80360442bbb0475d12983e2bf760da7c3f6a3f6 | Triage

Submit
Reports

Overview

overview

Static

static

Technical ...on.exe

windows7-x64

Technical ...on.exe

windows10-2004-x64

Sharing

General

Target

Technical specification.exe
Size

1.2MB
Sample

221006-rq24nshhcn
MD5

31a29680b013c3d2928ada03074d0152
SHA1

25f08eaca9a1ba6b07f169d4a8095b1306d6342a
SHA256

42263e557ad50b22270aa78bc80360442bbb0475d12983e2bf760da7c3f6a3f6
SHA512

bb79319aa3b0191458d246fa83d4b84a65786cbfe14c2ab399dd22fd9aec65d680eaed2b0d24d44a0e419e79a5fb9a831fe282ec3aef7f17e2a4b6c72cb0f0fd
SSDEEP

24576:C74ve4hlhZ9JsMengztif/3uF5xOYZYaz0m:C4bvhiati33KTY20m

Score

10^/10

blustealer collection stealer

Static task

static1

Behavioral task

behavioral1

Sample

Technical specification.exe

Resource

win7-20220901-en

blustealer collection stealer

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

Technical specification.exe

Resource

win10v2004-20220812-en

blustealer collection stealer

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Extracted

Family

blustealer

C2

https://api.telegram.org/bot5450700540:AAEJyEEV8BKgYUKmnCPZxp19kD9GVSRup5M/sendMessage?chat_id=5422342474

Targets

- Target
  
  Technical specification.exe
- Size
  
  1.2MB
- MD5
  
  31a29680b013c3d2928ada03074d0152
- SHA1
  
  25f08eaca9a1ba6b07f169d4a8095b1306d6342a
- SHA256
  
  42263e557ad50b22270aa78bc80360442bbb0475d12983e2bf760da7c3f6a3f6
- SHA512
  
  bb79319aa3b0191458d246fa83d4b84a65786cbfe14c2ab399dd22fd9aec65d680eaed2b0d24d44a0e419e79a5fb9a831fe282ec3aef7f17e2a4b6c72cb0f0fd
- SSDEEP
  
  24576:C74ve4hlhZ9JsMengztif/3uF5xOYZYaz0m:C4bvhiati33KTY20m
Score

10^/10

blustealer collection stealer
- BluStealer
  A Modular information stealer written in Visual Basic.
  stealer blustealer
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blustealercollectionstealer

behavioral2

blustealercollectionstealer

© 2018-2024

Terms | Privacy