General

  • Target

    payload.exe

  • Size

    867KB

  • Sample

    230317-ktgtkshc6t

  • MD5

    673a89ca2337a34c3e377203fcbb10cf

  • SHA1

    80bd02c2298c76303e31ae851c997ebb73788b86

  • SHA256

    09dc4d3be6dce14fd4e9a99c95b5afd5d29947742053e47466d8a468d49f490e

  • SHA512

    e83292db6fe9afb60d6fa5ec5da6ce2def9cd6b95660bfe1971ddcf3e7fd28a013e9b85a595e8564b27473882393da8e871fe1e32dfe06eff7734aab439a783b

  • SSDEEP

    24576:EvgMXBy6gVm26JqzICGRTttDoEXTmbo3DE0HHhXb9D6dh0:LMX46gVV64MJZjmc3Dnhl6dG

Score
10/10

Targets

    • BlueFox

      BlueFox is an infostealer written in C# and first seen in December 2021.

    • BlueFox Stealer payload

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.
