General

  • Target

    4944-144-0x0000000000400000-0x000000000046E000-memory.dmp

  • Size

    440KB

  • Sample

    221023-j19bqshdak

  • MD5

    e7eae587c7ef6d1b8feed44afc7fc535

  • SHA1

    9e9bba3e73dee1c9f4f8b03db70f4f198791d665

  • SHA256

    61f75f21b8539add2cb489f6135557b3539df84b8d79025f208ec44d3be4493b

  • SHA512

    8a691f23a4f84bca5480994116d77774f0a55de160a301c67af2208c881ab1c71ac43278842bf2a84d8a355b441b3d30546c80425b7666ee9841a4f975bc38b8

  • SSDEEP

    12288:mWnxfgsRL4u/1AlLK6FRY2n8OPKxGvYmB:lxgsRftD0C2nKG

Score
10/10

Malware Config

Extracted

Family

blustealer

C2

https://api.telegram.org/bot5755930650:AAElY45_nxTVkERZWnAInWKh0Sygx_xge0E/sendMessage?chat_id=1293496579

Targets

    • Target

      4944-144-0x0000000000400000-0x000000000046E000-memory.dmp

    • Score

      6/10

    • Accesses Microsoft Outlook profiles

    • Suspicious use of SetThreadContext
