General
-
Target
order 64.exe
-
Size
1.3MB
-
Sample
221010-vdyr9scgen
-
MD5
9a1ce8938bf2cc7231fe194847c0463d
-
SHA1
9b60e23cfe957e8de5759cfcef5d001efdce182a
-
SHA256
ad282ebd8f2c2125130fde6a3a6d26d336ffd90501af6ef44ee5dfc402bf866a
-
SHA512
0d79e749df5bee373c6eda59925e5792a6877068f53601c0a78e0d0da7083861ebb3a871c97f09cfbf9f069a757f2e21d59fad9c49848e70c61de4575ae933a8
-
SSDEEP
24576:hk12tA4pnkFR5i++22jl0qC/X8R38/Bl1j7GB/JmpEtg:61uqR5ibjl0VsR38Zl1j7GPmU
Static task
static1
Behavioral task
behavioral1
Sample
order 64.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
order 64.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
blustealer
https://api.telegram.org/bot5450700540:AAEJyEEV8BKgYUKmnCPZxp19kD9GVSRup5M/sendMessage?chat_id=5422342474
Targets
-
-
Target
order 64.exe
-
Size
1.3MB
-
MD5
9a1ce8938bf2cc7231fe194847c0463d
-
SHA1
9b60e23cfe957e8de5759cfcef5d001efdce182a
-
SHA256
ad282ebd8f2c2125130fde6a3a6d26d336ffd90501af6ef44ee5dfc402bf866a
-
SHA512
0d79e749df5bee373c6eda59925e5792a6877068f53601c0a78e0d0da7083861ebb3a871c97f09cfbf9f069a757f2e21d59fad9c49848e70c61de4575ae933a8
-
SSDEEP
24576:hk12tA4pnkFR5i++22jl0qC/X8R38/Bl1j7GB/JmpEtg:61uqR5ibjl0VsR38Zl1j7GPmU
Score10/10-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-