General

  • Target

    92b2a58b647e00a887c4dba92d1e6d7ff4d50221ed19a618749305ce6be1c2ec.exe

  • Size

    427KB

  • Sample

    230807-lc2cbsfg91

  • MD5

    c84fa18b96495c6e841f4f51f13be99f

  • SHA1

    3f02e9012781268a287f82d0f172e62da50a8f06

  • SHA256

    92b2a58b647e00a887c4dba92d1e6d7ff4d50221ed19a618749305ce6be1c2ec

  • SHA512

    ca432eb5e54b4170616d791e31d3c0f46a7d30ff5756a78a471209b3a7cddddcc8d2003faed0b1d8599a29841659a6af0f7f2b8f70e5b17c9f115bbf31ba9d5d

  • SSDEEP

    12288:sWnxfgsRL4u/1AlLK6FRY2n8OPKxGvYmBcJ:3xgsRftD0C2nKGu

Score
10/10

Malware Config

Extracted

Family

blustealer

C2

https://api.telegram.org/bot6120911772:AAEvnEDbWRlbIuD1NP8MtmiY3tQ46T9SQyo/sendMessage?chat_id=6082430866

Targets

    • Target

      92b2a58b647e00a887c4dba92d1e6d7ff4d50221ed19a618749305ce6be1c2ec.exe

    • Size

      427KB

    • MD5

      c84fa18b96495c6e841f4f51f13be99f

    • SHA1

      3f02e9012781268a287f82d0f172e62da50a8f06

    • SHA256

      92b2a58b647e00a887c4dba92d1e6d7ff4d50221ed19a618749305ce6be1c2ec

    • SHA512

      ca432eb5e54b4170616d791e31d3c0f46a7d30ff5756a78a471209b3a7cddddcc8d2003faed0b1d8599a29841659a6af0f7f2b8f70e5b17c9f115bbf31ba9d5d

    • SSDEEP

      12288:sWnxfgsRL4u/1AlLK6FRY2n8OPKxGvYmBcJ:3xgsRftD0C2nKGu

    Score
    10/10
    • BluStealer

      A Modular information stealer written in Visual Basic.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks