Overview

overview

10

Static

static

1

4b9b4b9c7b...da.exe

windows7-x64

1

4b9b4b9c7b...da.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4b9b4b9c7b90ff35a4842f1cd52b4ccd644a71775906560d0d280e71ced15fda.zip

  • Size

    542KB

  • Sample

    230308-mkmpksfa7y

  • MD5

    25b646b4385e4a368f224e393eb0cde7

  • SHA1

    5001113f4dbb5cb31e831107aa71067541338269

  • SHA256

    58221e522811e86bdfe2e6dc624f910b08694af41321699ec289afaea92ddf43

  • SHA512

    068eca9cb4ed909640f56542151925fcf72a330ada7c3b4ff44c5c543cf77d231f31a07566c932f9367cc5cb33d3bcdc685039585e245f43a03b370c0ceb4ec1

  • SSDEEP

    12288:vidjD8ksdjBm8+W3uhTpAst24Wh03JUSbijm:vidjAnTmLW6GQJgjm

Score
10/10
blustealerstealer

Malware Config

Extracted

Family

blustealer

Credentials

  • Protocol:     smtp
  • Host:
    mail.fidvision.icu
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    Admin@123

Targets

    • Target

      4b9b4b9c7b90ff35a4842f1cd52b4ccd644a71775906560d0d280e71ced15fda.exe

    • Size

      646KB

    • MD5

      6776447387587d3546350f090ff756f4

    • SHA1

      67a41fc5c4bf832d5ebe569943c1e70104342992

    • SHA256

      4b9b4b9c7b90ff35a4842f1cd52b4ccd644a71775906560d0d280e71ced15fda

    • SHA512

      753e9b8b6fa07c4debbe96c3f2897831622bd8845ef68b7bb92ed7c33f104895f31de2fe5a01da2a0f108c4047291163b427928b2a989bc54fdf7d06b2f5c3d9

    • SSDEEP

      12288:0JJqYzhltD7BybICsQmOk+DH1TbpVbC5cPhle2cEbuo9fif+:0JJZhbpPBQVVWyeEH9qm

    Score
    10/10
    blustealerstealer

    • BluStealer

      A Modular information stealer written in Visual Basic.

      stealerblustealer

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks