Overview

overview

10

Static

static

3

Scan No 12...ry.exe

windows7-x64

10

Scan No 12...ry.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Scan No 123333_Inquiry.exe

  • Size

    889KB

  • Sample

    230517-qhsdtseb7x

  • MD5

    05363dd6abad7a6834d7428507fee92b

  • SHA1

    4acf3b6402a55e803320f8a08eef6beb35a942cd

  • SHA256

    6b604d8b516eff23ab53c6f0ef4c723899ab1cee0d4cf0eb630d0a9292b7b384

  • SHA512

    626be2b7f68e18b827b3d05b203e83c78a18d2d0adef7db375edac095e5c7d6a1b5c7d2713a7a420f5bf980b7878e74a25c66ec2741beb2179cf05f30992dcb9

  • SSDEEP

    12288:pnd+WNqxG6PI1/HV88BAo/dAoZqT5Dhdfo55GKGIQiCqHIe2Vg:pn1qxGiOH7VVFqW5bGKNIe

Score
10/10
blustealercollectionstealer

Malware Config

Extracted

Family

blustealer

C2

https://api.telegram.org/bot5450700540:AAEJyEEV8BKgYUKmnCPZxp19kD9GVSRup5M/sendMessage?chat_id=5422342474

Targets

    • Target

      Scan No 123333_Inquiry.exe

    • Size

      889KB

    • MD5

      05363dd6abad7a6834d7428507fee92b

    • SHA1

      4acf3b6402a55e803320f8a08eef6beb35a942cd

    • SHA256

      6b604d8b516eff23ab53c6f0ef4c723899ab1cee0d4cf0eb630d0a9292b7b384

    • SHA512

      626be2b7f68e18b827b3d05b203e83c78a18d2d0adef7db375edac095e5c7d6a1b5c7d2713a7a420f5bf980b7878e74a25c66ec2741beb2179cf05f30992dcb9

    • SSDEEP

      12288:pnd+WNqxG6PI1/HV88BAo/dAoZqT5Dhdfo55GKGIQiCqHIe2Vg:pn1qxGiOH7VVFqW5bGKNIe

    Score
    10/10
    blustealercollectionstealer

    • BluStealer

      A Modular information stealer written in Visual Basic.

      stealerblustealer

    • Accesses Microsoft Outlook profiles

      collection

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks