Overview

overview

10

Static

static

3

0464c8fb6d...85.exe

windows7-x64

10

0464c8fb6d...85.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0464c8fb6d0d275b197e6424afdcfe85

  • Size

    921KB

  • Sample

    231221-zgldkaffb6

  • MD5

    0464c8fb6d0d275b197e6424afdcfe85

  • SHA1

    1ee7b29c21aadc96befa2f624ef92d43f0c3cd36

  • SHA256

    aee13239725c7dcc72761f58f97145f2972aaaf9dc9e91bf0dd5497cb063b21c

  • SHA512

    62cdb4e05549629036f4f2c512e145f25cc8b82aa554ce038ac5134e6451bc96fda228ca087ad9b20f98fda394d743eceaa6d0030c6325f47b7052db778d192e

  • SSDEEP

    12288:apivtpJkLZHCv06s5bg8OsvepzZFc9MZZw7cdRJfOB66vKkPJTQK6YhyB6A9mhne:LMH6sRbO0epzsiccdqB66vbTk

Score
10/10
blustealerstealer

Malware Config

Extracted

Family

blustealer

Credentials

  • Protocol:     smtp
  • Host:
    mail.starkgulf.com
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    info123#

Targets

    • Target

      0464c8fb6d0d275b197e6424afdcfe85

    • Size

      921KB

    • MD5

      0464c8fb6d0d275b197e6424afdcfe85

    • SHA1

      1ee7b29c21aadc96befa2f624ef92d43f0c3cd36

    • SHA256

      aee13239725c7dcc72761f58f97145f2972aaaf9dc9e91bf0dd5497cb063b21c

    • SHA512

      62cdb4e05549629036f4f2c512e145f25cc8b82aa554ce038ac5134e6451bc96fda228ca087ad9b20f98fda394d743eceaa6d0030c6325f47b7052db778d192e

    • SSDEEP

      12288:apivtpJkLZHCv06s5bg8OsvepzZFc9MZZw7cdRJfOB66vKkPJTQK6YhyB6A9mhne:LMH6sRbO0epzsiccdqB66vbTk

    Score
    10/10
    blustealerstealer

    • BluStealer

      A Modular information stealer written in Visual Basic.

      stealerblustealer

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks