General
-
Target
Purchase Order.exe
-
Size
1012KB
-
Sample
221030-qjx1pscbd6
-
MD5
7488038af7f8186a5f38f337b2a97a27
-
SHA1
1ed765da594deb249734c196d2d5ddb45eb888cb
-
SHA256
72b53805a4f865668bae4e6623be68b8c47e672910f5ebbbe42cbd6605ad35e1
-
SHA512
fd361d4355c6e419ccfa3ec882612495e21e6f61aa77666132f9749827940e5c7cc5949afc8b2f32ca30b81d8863056d2e8743bf6fc37e760fba6c0e447f9c43
-
SSDEEP
24576:C1oN67sWLUxMdLLBGpriRrl4Jiz69s2i/hd4pWgOj1zZnO:CkFxMdPqGRaJK/kpWgE
Static task
static1
Behavioral task
behavioral1
Sample
Purchase Order.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
Purchase Order.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
blustealer
https://api.telegram.org/bot5797428905:AAGaRRXGZN1d9GGFd3sE5x4uSpCGF0PU4m4/sendMessage?chat_id=1251788325
Targets
-
-
Target
Purchase Order.exe
-
Size
1012KB
-
MD5
7488038af7f8186a5f38f337b2a97a27
-
SHA1
1ed765da594deb249734c196d2d5ddb45eb888cb
-
SHA256
72b53805a4f865668bae4e6623be68b8c47e672910f5ebbbe42cbd6605ad35e1
-
SHA512
fd361d4355c6e419ccfa3ec882612495e21e6f61aa77666132f9749827940e5c7cc5949afc8b2f32ca30b81d8863056d2e8743bf6fc37e760fba6c0e447f9c43
-
SSDEEP
24576:C1oN67sWLUxMdLLBGpriRrl4Jiz69s2i/hd4pWgOj1zZnO:CkFxMdPqGRaJK/kpWgE
Score10/10-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-