General

  • Target

    order 64.exe

  • Size

    1.3MB

  • Sample

    221010-vdyr9scgen

  • MD5

    9a1ce8938bf2cc7231fe194847c0463d

  • SHA1

    9b60e23cfe957e8de5759cfcef5d001efdce182a

  • SHA256

    ad282ebd8f2c2125130fde6a3a6d26d336ffd90501af6ef44ee5dfc402bf866a

  • SHA512

    0d79e749df5bee373c6eda59925e5792a6877068f53601c0a78e0d0da7083861ebb3a871c97f09cfbf9f069a757f2e21d59fad9c49848e70c61de4575ae933a8

  • SSDEEP

    24576:hk12tA4pnkFR5i++22jl0qC/X8R38/Bl1j7GB/JmpEtg:61uqR5ibjl0VsR38Zl1j7GPmU
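The digests above are the indicators most teams will actually consume from this report. The script below is an added example, not part of the sandbox report: it streams a file through all four algorithms the report publishes, compares the result with the report's values, and treats an MD5- or SHA-1-only hit as weak evidence (both are collision-prone, so only a SHA-256 or SHA-512 match is conclusive). SSDEEP is deliberately left out because it is not in the standard library; compare it with the `ssdeep` package if you need fuzzy matching. `BLUSTEALER_IOCS`, `digest_file`, `match_iocs` and `verdict` are names chosen here, not tooling from the report.

```python
"""Check files against the hash indicators published in this sandbox report (added example)."""
import hashlib

# Indicators copied from the report's General section.
BLUSTEALER_IOCS = {
    "md5": "9a1ce8938bf2cc7231fe194847c0463d",
    "sha1": "9b60e23cfe957e8de5759cfcef5d001efdce182a",
    "sha256": "ad282ebd8f2c2125130fde6a3a6d26d336ffd90501af6ef44ee5dfc402bf866a",
    "sha512": "0d79e749df5bee373c6eda59925e5792a6877068f53601c0a78e0d0da7083861"
              "ebb3a871c97f09cfbf9f069a757f2e21d59fad9c49848e70c61de4575ae933a8",
}
# SSDEEP (24576:hk12tA4pnkFR5i++22jl0qC/...) is not in hashlib; use the `ssdeep` package for it.

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def digest_bytes(data: bytes) -> dict:
    """Hex digests of in-memory data for every algorithm the report lists."""
    return {name: hashlib.new(name, data).hexdigest() for name in ALGORITHMS}


def digest_file(path: str, chunk_size: int = 1 << 20) -> dict:
    """Read the file once and feed every hash object from the same chunks (samples can be large)."""
    hashers = {name: hashlib.new(name) for name in ALGORITHMS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def match_iocs(digests: dict, iocs: dict = BLUSTEALER_IOCS) -> list:
    """Names of the algorithms whose digest equals the published indicator (case-insensitive)."""
    return [name for name, value in digests.items()
            if name in iocs and value.lower() == iocs[name].lower()]


def verdict(digests: dict, iocs: dict = BLUSTEALER_IOCS) -> str:
    """'match' only on a SHA-256/SHA-512 hit; MD5 or SHA-1 alone is collision-prone, so 'weak-match'."""
    hits = match_iocs(digests, iocs)
    if "sha256" in hits or "sha512" in hits:
        return "match"
    if hits:
        return "weak-match"
    return "no-match"


if __name__ == "__main__":
    import sys
    for path in sys.argv[1:]:
        d = digest_file(path)
        print(path, verdict(d), match_iocs(d))
```

Run it as `python check_hashes.py "order 64.exe"`; a `match` means the file is byte-identical to the analysed sample, while `no-match` says nothing about a repacked build of the same stealer, which is where the SSDEEP value and the signature-based indicators further down the report come in.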

Malware Config

Extracted

  • Family

    blustealer

  • C2

    https://api.telegram.org/bot5450700540:AAEJyEEV8BKgYUKmnCPZxp19kD9GVSRup5M/sendMessage?chat_id=5422342474
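The extracted C2 is a Telegram Bot API endpoint: the path carries the bot token (`bot<bot_id>:<secret>`), the method (`sendMessage`) and the destination chat. The bot id is the stable part worth pivoting on, the secret is a live credential that should be redacted before the IOC is shared, and any other method called with the same token (for example `getUpdates`) belongs to the same operator. The block below is an added example, not part of the report: it parses such URLs, redacts the secret, and scans a few constructed proxy-log lines (written for this example, not taken from the sandbox) for requests through the report's bot. `parse_telegram_c2`, `redact` and `scan_proxy_log` are names chosen here.

```python
"""Parse the Telegram Bot API C2 from this report and hunt for it in proxy logs (added example)."""
import re
from urllib.parse import parse_qs, urlsplit

# C2 URL exactly as extracted by the sandbox (report's Malware Config section).
REPORT_C2 = ("https://api.telegram.org/bot5450700540:AAEJyEEV8BKgYUKmnCPZxp19kD9GVSRup5M"
             "/sendMessage?chat_id=5422342474")

# Bot API paths have the shape /bot<numeric bot id>:<secret>/<method>
_BOT_PATH = re.compile(r"^/bot(?P<bot_id>\d+):(?P<secret>[A-Za-z0-9_-]+)/(?P<method>[A-Za-z]+)$")


def parse_telegram_c2(url: str):
    """Split a Bot API URL into bot_id, secret, method and chat_id; None if it is not one."""
    parts = urlsplit(url)
    if parts.hostname != "api.telegram.org":
        return None
    m = _BOT_PATH.match(parts.path)
    if not m:
        return None
    qs = parse_qs(parts.query)
    return {
        "bot_id": m["bot_id"],
        "secret": m["secret"],
        "method": m["method"],
        "chat_id": qs.get("chat_id", [None])[0],
    }


def redact(url: str) -> str:
    """Keep the bot id for pivoting but strip the secret before the IOC leaves the team."""
    return re.sub(r"/bot(\d+):[A-Za-z0-9_-]+", r"/bot\1:<redacted>", url)


def scan_proxy_log(lines, bot_id: str):
    """(line number, method, chat_id) for every request that uses the given bot id."""
    hits = []
    for n, line in enumerate(lines, 1):
        for url in re.findall(r"https?://\S+", line):
            info = parse_telegram_c2(url)
            if info and info["bot_id"] == bot_id:
                hits.append((n, info["method"], info["chat_id"]))
    return hits


# Constructed proxy-log lines for this example (not from the report): a benign Telegram web
# visit, the exfil request from the report, a second method using the same bot, and a
# different bot that must not match.
SAMPLE_LOG = [
    "2022-10-10T14:02:11Z 10.0.0.5 GET https://web.telegram.org/k/ 200",
    "2022-10-10T14:02:15Z 10.0.0.5 POST " + REPORT_C2 + " 200",
    "2022-10-10T14:03:00Z 10.0.0.7 GET https://api.telegram.org/"
    "bot5450700540:AAEJyEEV8BKgYUKmnCPZxp19kD9GVSRup5M/getUpdates 200",
    "2022-10-10T14:03:05Z 10.0.0.9 GET https://api.telegram.org/bot1234:OTHERTOKEN/sendMessage?chat_id=1 200",
]

if __name__ == "__main__":
    c2 = parse_telegram_c2(REPORT_C2)
    print("bot id:", c2["bot_id"], "chat id:", c2["chat_id"], "method:", c2["method"])
    print("shareable IOC:", redact(REPORT_C2))
    for hit in scan_proxy_log(SAMPLE_LOG, c2["bot_id"]):
        print("hit on line %d: %s to chat %s" % hit)
```

This only works where the proxy records full URLs or TLS is inspected; with SNI alone every request collapses to `api.telegram.org`, which legitimate bots also use, so the bot id has to come from endpoint telemetry or the sample itself. Note also that the sandbox extracted the token statically, so the bot may already be revoked by the time you hunt for it.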

Targets

    • Target

      order 64.exe

    • BluStealer

      A modular information stealer written in Visual Basic.

    • Accesses Microsoft Outlook profiles

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks