Overview

overview

10

Static

static

3

INQUIRY.exe

windows7-x64

10

INQUIRY.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    INQUIRY.GZ

  • Size

    902KB

  • Sample

    230607-qwpj4abb53

  • MD5

    f2abb9c1078f12853db8e4aa058642d1

  • SHA1

    8162d37c258e93f46ce82663ccb376291be3a5a0

  • SHA256

    f6dff81a3515d5713123dbeaf452df4a872eed0f5b120f16740812d2720fdf43

  • SHA512

    5348065bca92d3506a08f60a4bbd32df2783888dfaf67833ba229ecded3b1daff6105d82ea24a477b879b559844501eb0f0e6ac218adc1d24bfe1b68eead0b74

  • SSDEEP

    24576:vZizA4RMEriQCAWp7Tom51V8hrGIIfMHb4+Oq4rAO1YKe:vZileWipf/om51VUrGdfguq4rAye

Score
10/10
blustealercollectionstealer

Malware Config

Extracted

Family

blustealer

C2

https://api.telegram.org/bot5797428905:AAGaRRXGZN1d9GGFd3sE5x4uSpCGF0PU4m4/sendMessage?chat_id=1251788325

Targets

    • Target

      INQUIRY.exe

    • Size

      1.0MB

    • MD5

      008d403f9c3256f249844b772e69df0b

    • SHA1

      585052adf379c88d8dda6d702171d555107aee24

    • SHA256

      324f9aa85a477ba47d4dc4e8516be8d8600eec6de72b44ee671efae46b5c965e

    • SHA512

      296d3f8600c4431751f226dbfe861e30f169c446e4916fc5e7c7fe42ee279b6af88a4f7581220896fc78c711adb88c109c8aa4ba03085afae060fc14716f37b6

    • SSDEEP

      24576:aUlRuROyqGUL8N77c72qU+osnvDLhi3NgULc29hh3Y5RpjlAwX:aUlRuRNqGo8NvW2qUyvfQ3NbPodew

    Score
    10/10
    blustealercollectionstealer

    • BluStealer

      A Modular information stealer written in Visual Basic.

      stealerblustealer

    • Accesses Microsoft Outlook profiles

      collection

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks