Overview

overview

10

Static

static

Technical ...on.exe

windows7-x64

10

Technical ...on.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7425ad995a6d2ccd2dd2e74ef363e4d8-sample.zip

  • Size

    890KB

  • Sample

    221007-zrp5hadeg4

  • MD5

    a8462cfc49a1c8e2ad7964c47129cb3c

  • SHA1

    6b089dea33af67b9d9b15f3e107f8d806f65b51b

  • SHA256

    1563ee942b822e7f3b936cf6b58bfc64a723f964ffb0a4da15000f6f8161d9a3

  • SHA512

    e900989a06a08a424c30a15b85e4fa36595ff15e876297381b74443346944448ac31fe8e625ca203842151c1633669948919ca6c20f0f421b6246a25ed866703

  • SSDEEP

    24576:WVyo91eBCSE9qfBsYlBuWavBgK5pkrE2CkGqc0Xiplo:WnAEAfB9BFad5p2qqR

Score
10/10
blustealercollectionstealer

Malware Config

Extracted

Family

blustealer

C2

https://api.telegram.org/bot5450700540:AAEJyEEV8BKgYUKmnCPZxp19kD9GVSRup5M/sendMessage?chat_id=5422342474

Targets

    • Target

      Technical specification.exe

    • Size

      1.2MB

    • MD5

      b63bd686cca7a0de40ba595e1c55c3df

    • SHA1

      c8a7b28371decc264b410bf48beded50b8038a4c

    • SHA256

      6f5748c69eb521632a3ba9757852672895c983c0886e8cddaa4dd4266f2e5a46

    • SHA512

      c6f11a341630e6accfe78736f13286ab674a7095c14074fb1a84c96d5b587e8f79060d80957164760896347fcb85cf7708a9745fe22e9f5b6df86fcd0303752e

    • SSDEEP

      12288:c2iNIJ2uJUpVLOmO3/XAonActMpNgsUF2SEFvxnvXjNWODQLadmpA8SDhY+Cc0XL:c1nppUPA9HlUsvZoKNmOrT0XwJJl

    Score
    10/10
    blustealercollectionstealer

    • BluStealer

      A Modular information stealer written in Visual Basic.

      stealerblustealer

    • Accesses Microsoft Outlook profiles

      collection

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks