blustealer | 495f994e17e2e1e34e6b2242ddc4d8bb9f7924ba751a075e7c1c45fcc0f010f8 | Triage

Sharing

General

Target

1472-62-0x0000000000400000-0x0000000000654000-memory.dmp
Size

2.3MB
Sample

230416-pz7dmsab64
MD5

a8bf8dcc41edca00a7b3aa21770846af
SHA1

ab08f1c1a6fbbd1a6ca6d4cccd2ddb5965a5fe67
SHA256

495f994e17e2e1e34e6b2242ddc4d8bb9f7924ba751a075e7c1c45fcc0f010f8
SHA512

f055510b392c9db9f8d6bf66e80192fa530ec67d73df960b059f1761b689fa1d8cb475aefe5748b60045de5e23ee4b9d75d5ae0cccc1153d10de774ecf2d761e
SSDEEP

12288:XWnxfgsRL4u/1AlLK6FRY2n8OPKxGvYmB:AxgsRftD0C2nKG

Score

10^/10

blustealer stealer

Malware Config

Extracted

Family

blustealer

C2

https://api.telegram.org/bot5797428905:AAGaRRXGZN1d9GGFd3sE5x4uSpCGF0PU4m4/sendMessage?chat_id=1251788325

Targets

- Target
  
  1472-62-0x0000000000400000-0x0000000000654000-memory.dmp
- Size
  
  2.3MB
- MD5
  
  a8bf8dcc41edca00a7b3aa21770846af
- SHA1
  
  ab08f1c1a6fbbd1a6ca6d4cccd2ddb5965a5fe67
- SHA256
  
  495f994e17e2e1e34e6b2242ddc4d8bb9f7924ba751a075e7c1c45fcc0f010f8
- SHA512
  
  f055510b392c9db9f8d6bf66e80192fa530ec67d73df960b059f1761b689fa1d8cb475aefe5748b60045de5e23ee4b9d75d5ae0cccc1153d10de774ecf2d761e
- SSDEEP
  
  12288:XWnxfgsRL4u/1AlLK6FRY2n8OPKxGvYmB:AxgsRftD0C2nKG
Score

10^/10

blustealer stealer
- BluStealer
  A Modular information stealer written in Visual Basic.
  stealer blustealer
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

blustealerstealer

behavioral2

blustealerstealer