General
Target: 1936-67-0x0000000000400000-0x000000000046E000-memory.dmp
Size: 440KB
Sample: 221018-jxsjtafad4
MD5: 2e4121b0ea435ae903fbd0c6b1f0e0a9
SHA1: 4fc913d317e9c81491a3aad516eb8b9c2c9c53a9
SHA256: eed6c2e5680f8056172c4da2b0b8cf914df584f04ebb6f03e02f06fe01eb9b7f
SHA512: d588f2457ef71e91facaa9649c5c2dc91c3a7d4f1fddf66fe443bac218bb1d2b33f219098c88da896dabd8593ad8b83c2083b99919e0e0c201173a5b4542c455
SSDEEP: 12288:GWWnxfgsRL4u/1AlLK6FRY2n8OPKxGvYmB:G1xgsRftD0C2nKG
Behavioral task: behavioral1
Sample: 1936-67-0x0000000000400000-0x000000000046E000-memory.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: 1936-67-0x0000000000400000-0x000000000046E000-memory.exe
Resource: win10v2004-20220812-en
Malware Config
Extracted
blustealer
https://api.telegram.org/bot5310184325:AAFI3fSQ6VcGu_NSTmv7d-qK2WCVhYY_qfg/sendMessage?chat_id=1293496579
Targets
Target: 1936-67-0x0000000000400000-0x000000000046E000-memory.dmp
Score: 6/10
Accesses Microsoft Outlook profiles
Suspicious use of SetThreadContext