blustealer | bd3939614126a2d4f1f34c18338872065d3c6f02f4a8ed01a2c864e6a83aa2b0 | Triage

Submit
Reports

Overview

overview

Static

static

1

QUOTATION ...99.exe

windows7-x64

QUOTATION ...99.exe

windows10-2004-x64

Sharing

General

Target

QUOTATION _RFQ# 1043999_1.gz
Size

973KB
Sample

230321-w3rkxscd97
MD5

fbcb9635de97b002df00f4dc9f725e6e
SHA1

3dd5989c06a079e74789c574fd8851b0433786af
SHA256

bd3939614126a2d4f1f34c18338872065d3c6f02f4a8ed01a2c864e6a83aa2b0
SHA512

fa4f474aed5d5c4c7bd9ecf40f54988adf5bdc23ae8ebbd791576d867359aeea31e7d52543d49f7127a0b43b27aacf8ac1770f3a313fb1e5cb8c7624b777320f
SSDEEP

24576:47vvE/sNtaDUWFuxU5S4btFyfnBVNc6Obf8uf9tDZx8ehYL:47XxcDfuufFyfnHNpif8+3Df7hYL

Score

10^/10

blustealer collection stealer

Static task

static1

Behavioral task

behavioral1

Sample

QUOTATION _RFQ# 1043999.exe

Resource

win7-20230220-en

blustealer collection stealer

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

QUOTATION _RFQ# 1043999.exe

Resource

win10v2004-20230220-en

blustealer collection stealer

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Extracted

Family

blustealer

C2

https://api.telegram.org/bot5797428905:AAGaRRXGZN1d9GGFd3sE5x4uSpCGF0PU4m4/sendMessage?chat_id=1251788325

Targets

- Target
  
  QUOTATION _RFQ# 1043999.exe
- Size
  
  1.1MB
- MD5
  
  e434e422d6bb9bc02f9a4be0b1c41d1b
- SHA1
  
  af7347b789fb43b26a83f4864e50eedf7f62095e
- SHA256
  
  c269b1931db163462343d0ecd8ef501e35e4da91c91f1464c8d526ef07a041bd
- SHA512
  
  72ffed26dfa5617a70852e88d8058d6adebcbd771bc3f0102f8fcf9bdddcac2264b37d07b5fd4790c177ad87f81fce0253ff9fc85c22f8034c066e66df657552
- SSDEEP
  
  24576:nVlj9vY9URDvRtWBQDtty/ziBgqMSAqzQYkYJrrzZL:nVB9g9YDptWuryduIA1L
Score

10^/10

blustealer collection stealer
- BluStealer
  A Modular information stealer written in Visual Basic.
  stealer blustealer
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blustealercollectionstealer

behavioral2

blustealercollectionstealer

© 2018-2025

Terms | Privacy