Overview

overview

10

Static

static

1

QUOTATION ...99.exe

windows7-x64

1

QUOTATION ...99.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    QUOTATION _RFQ# 1043999.exe

  • Size

    1.1MB

  • Sample

    230321-txj8jsbh76

  • MD5

    e434e422d6bb9bc02f9a4be0b1c41d1b

  • SHA1

    af7347b789fb43b26a83f4864e50eedf7f62095e

  • SHA256

    c269b1931db163462343d0ecd8ef501e35e4da91c91f1464c8d526ef07a041bd

  • SHA512

    72ffed26dfa5617a70852e88d8058d6adebcbd771bc3f0102f8fcf9bdddcac2264b37d07b5fd4790c177ad87f81fce0253ff9fc85c22f8034c066e66df657552

  • SSDEEP

    24576:nVlj9vY9URDvRtWBQDtty/ziBgqMSAqzQYkYJrrzZL:nVB9g9YDptWuryduIA1L

Score
10/10
blustealercollectionstealer

Malware Config

Extracted

Family

blustealer

C2

https://api.telegram.org/bot5797428905:AAGaRRXGZN1d9GGFd3sE5x4uSpCGF0PU4m4/sendMessage?chat_id=1251788325

Targets

    • Target

      QUOTATION _RFQ# 1043999.exe

    • Size

      1.1MB

    • MD5

      e434e422d6bb9bc02f9a4be0b1c41d1b

    • SHA1

      af7347b789fb43b26a83f4864e50eedf7f62095e

    • SHA256

      c269b1931db163462343d0ecd8ef501e35e4da91c91f1464c8d526ef07a041bd

    • SHA512

      72ffed26dfa5617a70852e88d8058d6adebcbd771bc3f0102f8fcf9bdddcac2264b37d07b5fd4790c177ad87f81fce0253ff9fc85c22f8034c066e66df657552

    • SSDEEP

      24576:nVlj9vY9URDvRtWBQDtty/ziBgqMSAqzQYkYJrrzZL:nVB9g9YDptWuryduIA1L

    Score
    10/10
    blustealercollectionstealer

    • BluStealer

      A Modular information stealer written in Visual Basic.

      stealerblustealer

    • Accesses Microsoft Outlook profiles

      collection

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks