blustealer | be7f48bc769105639774263b5a730b3960eac5fac8ba019d19a06aca81ebb946 | Triage

Sharing

General

Target

535deefc0c2866703f5a24782aa5b090
Size

882KB
Sample

231222-c1hqfsgdcp
MD5

535deefc0c2866703f5a24782aa5b090
SHA1

1065b8088c3c0a21a7b45c32b1f3b27705e17d40
SHA256

be7f48bc769105639774263b5a730b3960eac5fac8ba019d19a06aca81ebb946
SHA512

f36fac63b6ee1080eb88daf0ad3ffee9a1bb3a1b4afa02e96455b3dbd2aa8fbf7eb32055e477043a7a0363ec14ac3b43ea40260ed91afbff456894680670b5ac
SSDEEP

12288:QUBDMmZriMmjwc+/aOU2xglqHo9a6NWPXjPb9jgTBvY9GhOEGUAV38I:IyrY565glqI46NWPjqBvzOcAm

Score

10^/10

blustealer stealer

Malware Config

Extracted

Family

blustealer

Credentials

Protocol: smtp
Host:
us2.smtp.mailhostbox.com
Port:
587
Username:
[email protected]
Password:
%plDEKz1

Targets

- Target
  
  535deefc0c2866703f5a24782aa5b090
- Size
  
  882KB
- MD5
  
  535deefc0c2866703f5a24782aa5b090
- SHA1
  
  1065b8088c3c0a21a7b45c32b1f3b27705e17d40
- SHA256
  
  be7f48bc769105639774263b5a730b3960eac5fac8ba019d19a06aca81ebb946
- SHA512
  
  f36fac63b6ee1080eb88daf0ad3ffee9a1bb3a1b4afa02e96455b3dbd2aa8fbf7eb32055e477043a7a0363ec14ac3b43ea40260ed91afbff456894680670b5ac
- SSDEEP
  
  12288:QUBDMmZriMmjwc+/aOU2xglqHo9a6NWPXjPb9jgTBvY9GhOEGUAV38I:IyrY565glqI46NWPjqBvzOcAm
Score

10^/10

blustealer stealer
- BluStealer
  A Modular information stealer written in Visual Basic.
  stealer blustealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

blustealerstealer

behavioral2

blustealerstealer