General
-
Target
35d443578b1eb0708d334d3e1250f68550a5db4d630f1813fed8e2fc58a2c6d0
-
Size
727KB
-
Sample
230201-mrqd2seg5x
-
MD5
6f8bb2ff11646a8e47c1b2a27d475010
-
SHA1
a300b7be64343ce6ab88edb0c71f3052663674d4
-
SHA256
35d443578b1eb0708d334d3e1250f68550a5db4d630f1813fed8e2fc58a2c6d0
-
SHA512
97eb09ab5e244d1e367104efd1a17267390589121a58a1840e282f7ef15ceea933432168dae8caf31d6ca35af3fa9341c9f604b9e944aea86983484ace961e36
-
SSDEEP
12288:csyxZCYQneRW88If1cmRBPA0nV2sb+xUVWcyN:cjZCr7gf1cIA0nos6Cn
Static task
static1
Behavioral task
behavioral1
Sample
35d443578b1eb0708d334d3e1250f68550a5db4d630f1813fed8e2fc58a2c6d0.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
35d443578b1eb0708d334d3e1250f68550a5db4d630f1813fed8e2fc58a2c6d0.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
blustealer
Protocol: smtp- Host:
budgetn.shop - Port:
587 - Username:
[email protected] - Password:
X&Y=[g89L4D/**
Targets
-
-
Target
35d443578b1eb0708d334d3e1250f68550a5db4d630f1813fed8e2fc58a2c6d0
-
Size
727KB
-
MD5
6f8bb2ff11646a8e47c1b2a27d475010
-
SHA1
a300b7be64343ce6ab88edb0c71f3052663674d4
-
SHA256
35d443578b1eb0708d334d3e1250f68550a5db4d630f1813fed8e2fc58a2c6d0
-
SHA512
97eb09ab5e244d1e367104efd1a17267390589121a58a1840e282f7ef15ceea933432168dae8caf31d6ca35af3fa9341c9f604b9e944aea86983484ace961e36
-
SSDEEP
12288:csyxZCYQneRW88If1cmRBPA0nV2sb+xUVWcyN:cjZCr7gf1cIA0nos6Cn
Score10/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of SetThreadContext
-