Overview

overview

10

Static

static

3

Quote 1345 rev.7.exe

windows7-x64

10

Quote 1345 rev.7.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Quote 1345 rev.7.exe

  • Size

    873KB

  • Sample

    230509-j28ftsgh2s

  • MD5

    976a912fe44d3b31ef181277129b3ca3

  • SHA1

    b5ec4fd353c3c19a9e46dcc22440b7ca8bd8994e

  • SHA256

    dbf75a247c2141d83e39f08a304bfde553e4e1553bb0524721bd4c8b189ebb02

  • SHA512

    1ca27d071b68b912aebf865029ad3e872a94f6c1049556b58efdca1f103be2c1cb61592ebf86587b462e4a9a36ecbfbfef9502b9fca65070f5df4955c22910c9

  • SSDEEP

    12288:yNj5Aybdjn4Ld+qGrm7UweTXyBFNSzXWwzkUMxNf3o6N9gp59CG5d2f3x2:y37UhxGq7Re4rSyamf4cITCG9

Score
10/10
blustealercollectionstealer

Malware Config

Extracted

Family

blustealer

C2

https://api.telegram.org/bot5797428905:AAGaRRXGZN1d9GGFd3sE5x4uSpCGF0PU4m4/sendMessage?chat_id=1251788325

Targets

    • Target

      Quote 1345 rev.7.exe

    • Size

      873KB

    • MD5

      976a912fe44d3b31ef181277129b3ca3

    • SHA1

      b5ec4fd353c3c19a9e46dcc22440b7ca8bd8994e

    • SHA256

      dbf75a247c2141d83e39f08a304bfde553e4e1553bb0524721bd4c8b189ebb02

    • SHA512

      1ca27d071b68b912aebf865029ad3e872a94f6c1049556b58efdca1f103be2c1cb61592ebf86587b462e4a9a36ecbfbfef9502b9fca65070f5df4955c22910c9

    • SSDEEP

      12288:yNj5Aybdjn4Ld+qGrm7UweTXyBFNSzXWwzkUMxNf3o6N9gp59CG5d2f3x2:y37UhxGq7Re4rSyamf4cITCG9

    Score
    10/10
    blustealercollectionstealer

    • BluStealer

      A Modular information stealer written in Visual Basic.

      stealerblustealer

    • Accesses Microsoft Outlook profiles

      collection

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks