General
-
Target
SecuriteInfo.com.Win32.PWSX-gen.23016.13533.exe
-
Size
800KB
-
Sample
221201-d2hyaaah25
-
MD5
502485879e64bb095637b7b28aa9f753
-
SHA1
bff34f5e2392eef629ecac1f13d31aa2313b040f
-
SHA256
6d4991fcf138200aacef788de1bdef481b0bef6200652e64348285614c2d7f20
-
SHA512
da861d6a3d429d5553041ebd52633f878d2d7c56c6382d0fa6f179cf6033237bac681a5391056fef6817b3c106728c956c8802e9171dee158782e190463c0d89
-
SSDEEP
24576:bGrcoegscYmGBZTFtt0h92KWKe0Sh+Dxa9j:IcnuYmGnTFtt0qHT95
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Win32.PWSX-gen.23016.13533.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Win32.PWSX-gen.23016.13533.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
blustealer
https://api.telegram.org/bot5797428905:AAGaRRXGZN1d9GGFd3sE5x4uSpCGF0PU4m4/sendMessage?chat_id=1251788325
Targets
-
-
Target
SecuriteInfo.com.Win32.PWSX-gen.23016.13533.exe
-
Size
800KB
-
MD5
502485879e64bb095637b7b28aa9f753
-
SHA1
bff34f5e2392eef629ecac1f13d31aa2313b040f
-
SHA256
6d4991fcf138200aacef788de1bdef481b0bef6200652e64348285614c2d7f20
-
SHA512
da861d6a3d429d5553041ebd52633f878d2d7c56c6382d0fa6f179cf6033237bac681a5391056fef6817b3c106728c956c8802e9171dee158782e190463c0d89
-
SSDEEP
24576:bGrcoegscYmGBZTFtt0h92KWKe0Sh+Dxa9j:IcnuYmGnTFtt0qHT95
Score10/10-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-