General

  • Target

    8275d18cde9c9cbf71a4aa7a8dd068d85a7699fcc9f4d49bc285466b1e4f9d49.zip

  • Size

    484KB

  • Sample

    230321-qp3s5sae58

  • MD5

    49de1e48c6f93e3c19c1ef4466abc987

  • SHA1

    7a05b42104ff3b70334e9e913a51959d9890a4a1

  • SHA256

    9eb892f7910e074d3cba5a699ee0e993a5c00bf102b143889e117edf7c405d5d

  • SHA512

    3eca9e87586602ec4fc1712af3661094b99e1d0930da033b177b39ba28829b2bb7ef048ddeadafe97bb65ef87d8f2d3f8fd82efc914b71905310b39dfbc1f8f9

  • SSDEEP

    6144:mT/+agmD0p+JY1u5pvYtMov4Ej3vHjvW6RnWj4ueHqk5+8Nnx6oXc/aIkc/fWUff:w+q0W6A8rnv/WjQ7+8Nn1HjUfLAeQ50

Malware Config

Extracted

Family

blustealer

C2

https://api.telegram.org/bot5797428905:AAGaRRXGZN1d9GGFd3sE5x4uSpCGF0PU4m4/sendMessage?chat_id=1251788325

Targets

    • Target

      New Order.exe

    • Size

      499KB

    • MD5

      ffa979499187908e3abd52a5eb23ba98

    • SHA1

      313c4451e3e5473732c9b2cef7c943060a91f452

    • SHA256

      1cd904a688c0d0f13f06c5c113ad638649ab10c1ed756dc65933f34bbf22014b

    • SHA512

      1861e3b2593934611181c71c31d2237bb8df839d555f003e8b4110a9d1ab4612180fd59af97349be0cf416a2e7fc455f7f39e62f4785deb2c94bc503985ed31f

    • SSDEEP

      12288:/Ysz65It6fQFY4LvtsnEdCBl5cll3rVLDHqFS:/YszDt6fQnGnGWilt5DHqFS

    • BluStealer

      A modular information stealer written in Visual Basic.

    • Executes dropped EXE

    • Loads dropped DLL

    • Accesses Microsoft Outlook profiles

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks
