blustealer | d785b16f811cb9c93968e0e03c88859aac76643ec2b2d2b4cec7a11ed41a6844 | Triage

Sharing

General

Target

25b2a9e2861162f3cb6131451508537a
Size

858KB
Sample

231221-3gkzksafgq
MD5

25b2a9e2861162f3cb6131451508537a
SHA1

80f2a95ef9a3893eb6f43b610f379c01ef05d845
SHA256

d785b16f811cb9c93968e0e03c88859aac76643ec2b2d2b4cec7a11ed41a6844
SHA512

8e802051c27f7bab5a79a5de462bf88efc49f393ebf4c3931fa8d2afebf4e92106b1b165ec548bb846e853b43fb6ef31ce5ed8ee7829fcb56ce5bfb81ddd811c
SSDEEP

12288:hAgvTojPDEYH82cRj/WqOH5F2s2bJCried/7LGcofwDyR8b/z:6EojPlH8Pda5F+1CFGcLDyw

Score

10^/10

blustealer stealer

Malware Config

Extracted

Family

blustealer

Credentials

Protocol: smtp
Host:
mail.starkgulf.com
Port:
587
Username:
[email protected]
Password:
info123#

Targets

- Target
  
  25b2a9e2861162f3cb6131451508537a
- Size
  
  858KB
- MD5
  
  25b2a9e2861162f3cb6131451508537a
- SHA1
  
  80f2a95ef9a3893eb6f43b610f379c01ef05d845
- SHA256
  
  d785b16f811cb9c93968e0e03c88859aac76643ec2b2d2b4cec7a11ed41a6844
- SHA512
  
  8e802051c27f7bab5a79a5de462bf88efc49f393ebf4c3931fa8d2afebf4e92106b1b165ec548bb846e853b43fb6ef31ce5ed8ee7829fcb56ce5bfb81ddd811c
- SSDEEP
  
  12288:hAgvTojPDEYH82cRj/WqOH5F2s2bJCried/7LGcofwDyR8b/z:6EojPlH8Pda5F+1CFGcLDyw
Score

10^/10

blustealer stealer
- BluStealer
  A Modular information stealer written in Visual Basic.
  stealer blustealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

blustealerstealer

behavioral2

blustealerstealer