Overview

overview

10

Static

static

3

technical ...df.exe

windows7-x64

10

technical ...df.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    technical spec_pdf.exe

  • Size

    964KB

  • Sample

    230505-tdxdrsbd48

  • MD5

    d5a045e300184028b6a6dfc75a303307

  • SHA1

    5fc5a4a17bc5ad2e7ee4da563d5a348c618c0cf9

  • SHA256

    fd482fa2269db98e32ec1a0ecb21f132083e07dfdccf4baa9ec8d305c63eae23

  • SHA512

    0fb4fe0cc538995303669b8a3bb1576c0c462caee47ff2c8c2545ea760c21a4f9a36be8600295f9ea98034afc313cc63de2940b21013a04ad2d29070b539dae1

  • SSDEEP

    24576:5MaB1dLvo9yPmx0k6F9FkjefS/cIXVaUys/FvV:5pB1Zw9yPk6fFkjCihllFv

Score
10/10
blustealercollectionstealer

Malware Config

Extracted

Family

blustealer

C2

https://api.telegram.org/bot5450700540:AAEJyEEV8BKgYUKmnCPZxp19kD9GVSRup5M/sendMessage?chat_id=5422342474

Targets

    • Target

      technical spec_pdf.exe

    • Size

      964KB

    • MD5

      d5a045e300184028b6a6dfc75a303307

    • SHA1

      5fc5a4a17bc5ad2e7ee4da563d5a348c618c0cf9

    • SHA256

      fd482fa2269db98e32ec1a0ecb21f132083e07dfdccf4baa9ec8d305c63eae23

    • SHA512

      0fb4fe0cc538995303669b8a3bb1576c0c462caee47ff2c8c2545ea760c21a4f9a36be8600295f9ea98034afc313cc63de2940b21013a04ad2d29070b539dae1

    • SSDEEP

      24576:5MaB1dLvo9yPmx0k6F9FkjefS/cIXVaUys/FvV:5pB1Zw9yPk6fFkjCihllFv

    Score
    10/10
    blustealercollectionstealer

    • BluStealer

      A Modular information stealer written in Visual Basic.

      stealerblustealer

    • Accesses Microsoft Outlook profiles

      collection

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks