General
-
Target
8198537176.zip
-
Size
845KB
-
Sample
221024-sgf1hshdaj
-
MD5
4c5dda4790f3ede26d4cd2864a945823
-
SHA1
1addad4904b19f0e19e1242d07ff2376ec27aeac
-
SHA256
11056e183ec9ae4bad6f5c180fc37460d504e13776d7214b2a8b60fad449bfeb
-
SHA512
47821b5685844ffbc5b2accb4248650cc48ea2b4e545f9e9b508d46c8d1a2993e2bf40c2c0b65d6fd5766e547cb726d2703204a0178679c2e330dea8317531e1
-
SSDEEP
24576:NjCM87ts+XH3oMPAO59ssrdDh3eVbPcRNfZ4oETg1:Nz8xNXH3oMP3KsZt3CMxHETU
Static task
static1
Behavioral task
behavioral1
Sample
781a83f3ac8bb7d765db4ad32fcd1e07e585c533f300ddc847ea93d420c6d64c.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
781a83f3ac8bb7d765db4ad32fcd1e07e585c533f300ddc847ea93d420c6d64c.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
blustealer
https://api.telegram.org/bot5450700540:AAEJyEEV8BKgYUKmnCPZxp19kD9GVSRup5M/sendMessage?chat_id=5422342474
Targets
-
-
Target
781a83f3ac8bb7d765db4ad32fcd1e07e585c533f300ddc847ea93d420c6d64c
-
Size
1.1MB
-
MD5
6518419b9de76da716fb64120d84efb2
-
SHA1
36c349c1d03b67c799d8b96bc76d9fea40f25e1f
-
SHA256
781a83f3ac8bb7d765db4ad32fcd1e07e585c533f300ddc847ea93d420c6d64c
-
SHA512
4da469d1051e44453c1575c76178dbff421a47e48694a35d1b15179307121333ffc45b5ec79a98eb70c3a7479224df9edf0eff50d0f2264c8c6f31df6b47b620
-
SSDEEP
24576:D1o9IkBL4tXTL5g7tFUBde4x9jBbke0fFkd7:D2IDLKBWO899bke0qd
Score10/10-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-