General

  • Target

    1936-67-0x0000000000400000-0x000000000046E000-memory.dmp

  • Size

    440KB

  • Sample

    221018-jxsjtafad4

  • MD5

    2e4121b0ea435ae903fbd0c6b1f0e0a9

  • SHA1

    4fc913d317e9c81491a3aad516eb8b9c2c9c53a9

  • SHA256

    eed6c2e5680f8056172c4da2b0b8cf914df584f04ebb6f03e02f06fe01eb9b7f

  • SHA512

    d588f2457ef71e91facaa9649c5c2dc91c3a7d4f1fddf66fe443bac218bb1d2b33f219098c88da896dabd8593ad8b83c2083b99919e0e0c201173a5b4542c455

  • SSDEEP

    12288:GWWnxfgsRL4u/1AlLK6FRY2n8OPKxGvYmB:G1xgsRftD0C2nKG

Score
10/10

Malware Config

Extracted

Family

blustealer

C2

https://api.telegram.org/bot5310184325:AAFI3fSQ6VcGu_NSTmv7d-qK2WCVhYY_qfg/sendMessage?chat_id=1293496579

Targets

    • Target

      1936-67-0x0000000000400000-0x000000000046E000-memory.dmp

    Score
    6/10

    • Accesses Microsoft Outlook profiles

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks