blustealer | 2a8dad48d4a81e1752e71f2f37a53a0ba4625f42bcea193b1783ac2c8f8e308c | Triage

Submit
Reports

Overview

overview

Static

static

3

Refrence Order.exe

windows7-x64

Refrence Order.exe

windows10-2004-x64

3

Sharing

General

Target

07194899.bat
Size

10KB
Sample

230605-ns69magh4t
MD5

4daca09eea0303437005ee1177a9c89d
SHA1

498cbf6e942f13faa025e6de36418bdffcd39c67
SHA256

2a8dad48d4a81e1752e71f2f37a53a0ba4625f42bcea193b1783ac2c8f8e308c
SHA512

e2cfb0e2b5a12e5ea4070ab3620abb73c32cbaba4f2eb9cbd38129ce78a1a4be26bfde949035c00c9f0c8df942e8b23868c0c1d11c24d38ff5d5b77db75d92c4
SSDEEP

192:+i0ah4iG/cgecityXTIM7YMl75qoC7SQTGnp1AK1DeYyRwyZyZzPHkV8UKXoO:HhLG/ZwY7YMlMSf7j1pyRwyZy1kV8V4O

Score

10^/10

blustealer stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Refrence Order.exe

Resource

win7-20230220-en

blustealer stealer

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

Refrence Order.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Extracted

Family

blustealer

Credentials

Protocol: smtp
Host:
mail.dphe.gov.bd
Port:
587
Username:
[email protected]
Password:
@DphE20#

Targets

- Target
  
  Refrence Order.exe
- Size
  
  22KB
- MD5
  
  bb639f8c81d9cf4a49e72015d7c75735
- SHA1
  
  91d717df3b5a1b833a60b5e2eb4d8f1c10555c62
- SHA256
  
  24c162c82ab104894354b4869e0f44ca289ae06b535827a7aefc08982effd2c9
- SHA512
  
  59b7137c0ef51746057b5dfd8ff09168a63e120898711914e7acb67393c109808ec73b77a56265de74b48e11ddc8ab4a81115e9c9435ebe019ec2a48eedad7f1
- SSDEEP
  
  384:TPHG946aVb9BezNZUG9bxcJ4SKKpK+dwQQC9EOAtFgyl8j3Bl//9NKa2HovbzOvp:jvV5vfDJHjRj3BxVTWJ1w3tXqSK
Score

10^/10

blustealer stealer
- BluStealer
  A Modular information stealer written in Visual Basic.
  stealer blustealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

blustealerstealer

behavioral2

© 2018-2024

Terms | Privacy