General
-
Target
Details & Invoices.exe
-
Size
1.1MB
-
Sample
221025-psbndscgan
-
MD5
6518419b9de76da716fb64120d84efb2
-
SHA1
36c349c1d03b67c799d8b96bc76d9fea40f25e1f
-
SHA256
781a83f3ac8bb7d765db4ad32fcd1e07e585c533f300ddc847ea93d420c6d64c
-
SHA512
4da469d1051e44453c1575c76178dbff421a47e48694a35d1b15179307121333ffc45b5ec79a98eb70c3a7479224df9edf0eff50d0f2264c8c6f31df6b47b620
-
SSDEEP
24576:D1o9IkBL4tXTL5g7tFUBde4x9jBbke0fFkd7:D2IDLKBWO899bke0qd
Static task
static1
Behavioral task
behavioral1
Sample
Details & Invoices.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
Details & Invoices.exe
Resource
win10v2004-20220901-en
Malware Config
Extracted
blustealer
https://api.telegram.org/bot5450700540:AAEJyEEV8BKgYUKmnCPZxp19kD9GVSRup5M/sendMessage?chat_id=5422342474
Targets
-
-
Target
Details & Invoices.exe
-
Size
1.1MB
-
MD5
6518419b9de76da716fb64120d84efb2
-
SHA1
36c349c1d03b67c799d8b96bc76d9fea40f25e1f
-
SHA256
781a83f3ac8bb7d765db4ad32fcd1e07e585c533f300ddc847ea93d420c6d64c
-
SHA512
4da469d1051e44453c1575c76178dbff421a47e48694a35d1b15179307121333ffc45b5ec79a98eb70c3a7479224df9edf0eff50d0f2264c8c6f31df6b47b620
-
SSDEEP
24576:D1o9IkBL4tXTL5g7tFUBde4x9jBbke0fFkd7:D2IDLKBWO899bke0qd
Score10/10-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-