Overview

overview

10

Static

static

3

jagymequip...23.exe

windows7-x64

10

jagymequip...23.exe

windows10-2004-x64

10

Resubmissions

30-05-2023 07:57

230530-jth6zagf6w 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    jagymequipment_Order_list_30052023.gz

  • Size

    907KB

  • Sample

    230530-jth6zagf6w

  • MD5

    87017706d6d7211d2e7d7e30aa26237f

  • SHA1

    c33fac0cc22ef5001c4151045459ef27f4e95ae5

  • SHA256

    c31f61b96549e6c51467d0b417d698659e956ced1513dfd01b9913d543f2f58b

  • SHA512

    bc47e5d40776d9bcdd38760cebce676c201da4cf450e2e0ddb1e979154ff86f079e4689d5d2d051c4b0b0d118f47d8e5973bb38f797a95fc72c296860d2e1eda

  • SSDEEP

    24576:eend/kJUWqJKE+j/GJXQCYKCtD+Q22EiMpicdSEPja:jd/kzqJKE+j/GJ2+QlM/Pu

Score
10/10
blustealercollectionstealer

Malware Config

Extracted

Family

blustealer

C2

https://api.telegram.org/bot5797428905:AAGaRRXGZN1d9GGFd3sE5x4uSpCGF0PU4m4/sendMessage?chat_id=1251788325

Targets

    • Target

      jagymequipment_Order_list_30052023.exe

    • Size

      992KB

    • MD5

      84bcb19b24fb3cf44188d8ea5e8a080f

    • SHA1

      f6a1b91c039a3ce6cff9bf160725a4d2dae6df81

    • SHA256

      b5145ccf5ded090001d3a5368ad32b5b4853f1b2153e55beae9ff0ba543e449e

    • SHA512

      03658af693ef7d3754277e506e0aaf71402ab675ea4618adee8dcd34c50e1e49e5349dd6e92d6dd02f5abb72feb76d97aace506a6fc16f9ce01f1ad1f8902e32

    • SSDEEP

      24576:8qPLaVUH999QYDtn9pvEni933gMciIX0GJ/llyoWD/H:fBH9QYDvpvwXMcpX0GJ/llQ

    Score
    10/10
    blustealercollectionstealer

    • BluStealer

      A Modular information stealer written in Visual Basic.

      stealerblustealer

    • Accesses Microsoft Outlook profiles

      collection

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks