Overview

overview

10

Static

static

3

Request fo...on.exe

windows7-x64

10

Request fo...on.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Request for Quotation.exe

  • Size

    1.5MB

  • Sample

    230515-xm2xdsgh92

  • MD5

    67683d83541b578498d12ddc5828260e

  • SHA1

    679904b6c6101f399811885b42e98c4c8c564e6e

  • SHA256

    9a3e3d21954d44054b67a726ecc1c6e54a231f4accc013fa91d0830ccf134680

  • SHA512

    fb3080919598e0bedaa3b429e86f498bbbfcfb257a9c92dc9f6c197e2da9bd17328cc762bd97e7cbb770f0d6f1e8c8c05107a59f6204ce8ebc5ad4996e8e709b

  • SSDEEP

    24576:sLOOmjfJ7uGyhgAzbOQ31ubRVTkK09CDg2bCaUwFDyfCTdNuuVIF/gwqb+:sG17uGmPOQ3oNVTkhC/bCaUwpy2wuV32

Score
10/10
blustealercollectionspywarestealer

Malware Config

Extracted

Family

blustealer

C2

https://api.telegram.org/bot5797428905:AAGaRRXGZN1d9GGFd3sE5x4uSpCGF0PU4m4/sendMessage?chat_id=1251788325

Targets

    • Target

      Request for Quotation.exe

    • Size

      1.5MB

    • MD5

      67683d83541b578498d12ddc5828260e

    • SHA1

      679904b6c6101f399811885b42e98c4c8c564e6e

    • SHA256

      9a3e3d21954d44054b67a726ecc1c6e54a231f4accc013fa91d0830ccf134680

    • SHA512

      fb3080919598e0bedaa3b429e86f498bbbfcfb257a9c92dc9f6c197e2da9bd17328cc762bd97e7cbb770f0d6f1e8c8c05107a59f6204ce8ebc5ad4996e8e709b

    • SSDEEP

      24576:sLOOmjfJ7uGyhgAzbOQ31ubRVTkK09CDg2bCaUwFDyfCTdNuuVIF/gwqb+:sG17uGmPOQ3oNVTkhC/bCaUwpy2wuV32

    Score
    10/10
    blustealercollectionspywarestealer

    • BluStealer

      A Modular information stealer written in Visual Basic.

      stealerblustealer

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses Microsoft Outlook profiles

      collection

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks