Behavioral task
behavioral1
Sample
c56a00b4b8ebc12b8798e6ec7ab8e2c9815716fa40bb92488cb3e5c8a227d455.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
c56a00b4b8ebc12b8798e6ec7ab8e2c9815716fa40bb92488cb3e5c8a227d455.exe
Resource
win10v2004-20220812-en
General
Target
c56a00b4b8ebc12b8798e6ec7ab8e2c9815716fa40bb92488cb3e5c8a227d455
Size
160KB
MD5
5b73cf60cb7b12a90601aa9062b5474e
SHA1
23edae3a767908f0061711ecb2986ac85933cba2
SHA256
c56a00b4b8ebc12b8798e6ec7ab8e2c9815716fa40bb92488cb3e5c8a227d455
SHA512
ee286518e2ad2a652bf9a9ea2cfdeacbbe8048fd555dc7e6a19b871223b3c2406145cdc59abb7ebddbb1a9f7c2c3a678cfa6c4035c7464c5260e5364e2744777
SSDEEP
3072:r0Wl1txud+fszk1DAgp4uFIDTzw1N0SSyvqzKGeEdP9d78bddVb3Zsqz:r0Wl1r0+fhXr6DTM1v9vqzKGeErd78b1
Malware Config
Signatures
BlueFox Stealer payload 1 IoCs
Processes:
resource yara_rule sample family_bluefox -
Bluefox family
Files
c56a00b4b8ebc12b8798e6ec7ab8e2c9815716fa40bb92488cb3e5c8a227d455.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 158KB - Virtual size: 157KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ