General
-
Target
f8de1a039dd5cd1daf706bfb62b5b5e4c132dc5669127f7e9a5e437d40b84029
-
Size
1.2MB
-
Sample
221013-b6dg9aafb3
-
MD5
9be98fb47edee3acab8a1471b98f374b
-
SHA1
7eb34021fdd67e32aca3a7098ed37c310eecab44
-
SHA256
f8de1a039dd5cd1daf706bfb62b5b5e4c132dc5669127f7e9a5e437d40b84029
-
SHA512
9d151921898104a7e5923ba65033d2e1f8a682b9a787818126b17c7ae06e8fdaa6c63c3d4c84a1a407e55fac76e458487093fe32cd8e27455e742b77af082077
-
SSDEEP
12288:WraodRoXbwufcugFmDbQNXcsc42enVkcqIYnMJ7mDgQsuThiTt4kGEPak:bX8siiscscH2vb8kmDgQ/62s
Static task
static1
Behavioral task
behavioral1
Sample
f8de1a039dd5cd1daf706bfb62b5b5e4c132dc5669127f7e9a5e437d40b84029.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
f8de1a039dd5cd1daf706bfb62b5b5e4c132dc5669127f7e9a5e437d40b84029.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
blustealer
https://api.telegram.org/bot5450700540:AAEJyEEV8BKgYUKmnCPZxp19kD9GVSRup5M/sendMessage?chat_id=5422342474
Targets
-
-
Target
f8de1a039dd5cd1daf706bfb62b5b5e4c132dc5669127f7e9a5e437d40b84029
-
Score
10/10
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-