Overview

overview

10

Static

static

3

0ccdc2943e...62.exe

windows7-x64

10

0ccdc2943e...62.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0ccdc2943e3e1547431cc0e813bde562

  • Size

    863KB

  • Sample

    231221-1ym46adee9

  • MD5

    0ccdc2943e3e1547431cc0e813bde562

  • SHA1

    d74c378a15dc009b83830c15d0e054c45ca96a22

  • SHA256

    59b231e2140dff56658986b30ecfc13b38c883a911f4345d95d847d9c93795d9

  • SHA512

    0b85770362f70f25b6c8b7ce436d8355a68b13e373583efb935d59e5e0e4eb408b1bae0813495e492bf41d10255f5f19c1e3bf56cb8ca4947f1971454fe36365

  • SSDEEP

    12288:xroIYS+wYxMHYm0KX/A/GBg4MsjNskuEyhq36RnKwQ5t2yq4Qd:xVpXYxMbrkGB5M0Ns7qqtKv3q4Qd

Score
10/10
blustealerstealer

Malware Config

Extracted

Family

blustealer

Credentials

  • Protocol:     smtp
  • Host:
    mail.starkgulf.com
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    info123#

Targets

    • Target

      0ccdc2943e3e1547431cc0e813bde562

    • Size

      863KB

    • MD5

      0ccdc2943e3e1547431cc0e813bde562

    • SHA1

      d74c378a15dc009b83830c15d0e054c45ca96a22

    • SHA256

      59b231e2140dff56658986b30ecfc13b38c883a911f4345d95d847d9c93795d9

    • SHA512

      0b85770362f70f25b6c8b7ce436d8355a68b13e373583efb935d59e5e0e4eb408b1bae0813495e492bf41d10255f5f19c1e3bf56cb8ca4947f1971454fe36365

    • SSDEEP

      12288:xroIYS+wYxMHYm0KX/A/GBg4MsjNskuEyhq36RnKwQ5t2yq4Qd:xVpXYxMbrkGB5M0Ns7qqtKv3q4Qd

    Score
    10/10
    blustealerstealer

    • BluStealer

      A Modular information stealer written in Visual Basic.

      stealerblustealer

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks