Extracted

• • Target

    PO 152421.exe

  • Size

    501KB

  • MD5

    460bdbbe5a6b8bd3f887c8b6fd4128a2

  • SHA1

    891099bcbf82de10e1b197d2c42b2044dc0bed46

  • SHA256

    58d5286e5694f883d2452a81e5f6e77413292ba388300a6e44dd0f91e217aff1

  • SHA512

    b741e4bc33762adc9dee71f7a348ec9e7615bd4631bb73c39e4d69a01e8d469a3eb1aa303c691e2671aa939c223c6fc4a5bc05b2dea23b40f3e5422e2b4b3c6c

  • SSDEEP

    12288:/YFfpyLOuydXBmm+vie9mUX1NqRBchWc6P0vMLxJRg0ExsOPn7jhPhl9iqo+/:/YFhyCuCoie9nFNqgL6P0vlLxVP7FT93

  Score

  10^/10

  blustealercollectionstealer

  • BluStealer

    A Modular information stealer written in Visual Basic.

    stealerblustealer

  • Executes dropped EXE

  • Loads dropped DLL

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2