Overview

overview

10

Static

static

1

SecuriteIn...91.exe

windows7-x64

10

SecuriteIn...91.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    SecuriteInfo.com.Win32.PWSX-gen.11491.12467

  • Size

    1.1MB

  • Sample

    230919-1gashaeb59

  • MD5

    50a1ee46c4a23ce01fc2a3dbeeae0957

  • SHA1

    5bc2f16a04bed1964d2f3d5e600be72523676d1b

  • SHA256

    f7206d9e9216ea73a6c530c165866ed0d8605b7f549754c06d6599366ef04441

  • SHA512

    0dc905c16c0eea2cce71b60783309e60c0d8a99970c3b35a520dbf23b5a6c31ecb871938ab7b8a02f27cdc9a2cf01c1607719fbde1264ad2e2c642d139c41fb8

  • SSDEEP

    12288:BwsDLV2dAFLH9i4yt5n/1bZVfn5TjzwrcMf4EIubL0cgGRjxxFLawAfttTObddLD:WsDx2dAFD9i4ytlVl3IJxxFL1AlMSAX

Score
10/10
blustealerstealer

Malware Config

Extracted

Family

blustealer

C2

https://api.telegram.org/bot6248591734:AAEzUnQOvdK0MyjtgWK-67i4B3jKl9uZDqU/sendMessage?chat_id=5472437377

Targets

    • Target

      SecuriteInfo.com.Win32.PWSX-gen.11491.12467

    • Size

      1.1MB

    • MD5

      50a1ee46c4a23ce01fc2a3dbeeae0957

    • SHA1

      5bc2f16a04bed1964d2f3d5e600be72523676d1b

    • SHA256

      f7206d9e9216ea73a6c530c165866ed0d8605b7f549754c06d6599366ef04441

    • SHA512

      0dc905c16c0eea2cce71b60783309e60c0d8a99970c3b35a520dbf23b5a6c31ecb871938ab7b8a02f27cdc9a2cf01c1607719fbde1264ad2e2c642d139c41fb8

    • SSDEEP

      12288:BwsDLV2dAFLH9i4yt5n/1bZVfn5TjzwrcMf4EIubL0cgGRjxxFLawAfttTObddLD:WsDx2dAFD9i4ytlVl3IJxxFL1AlMSAX

    Score
    10/10
    blustealerstealer

    • BluStealer

      A Modular information stealer written in Visual Basic.

      stealerblustealer

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks