General

  • Target

    665747d0a714ff81e03b7f1b9d9b8d15

  • Size

    931KB

  • Sample

    231222-fbjg8sgah9

  • MD5

    665747d0a714ff81e03b7f1b9d9b8d15

  • SHA1

    4607f4764b09d32e187e2aca35af6726998ccadd

  • SHA256

    a2b31ee19201f29d3b1ceb7ea4e6bd3e62209830ab8c7194e61d4700ffdfcd81

  • SHA512

    e153d9002b019ff52cdcda51909005ac9f8e55a1987cf8a93c4e1e5951d68944029f10d887933b4f8284e8ccfa56a85bcc09ea1b0635501420853841606e7562

  • SSDEEP

    12288:KAaaFatPRdDBxy0Hc9cyOKnBBVMNUIp4YhowjIQ3ECr5+z1u4OrIXHbLNrOq86i1:lFUvj8emHWdpXoq3joc4OrIrVOr6SGeB

Score
10/10

Malware Config

Extracted

Family

blustealer

Credentials

  • Protocol:
    smtp
  • Host:
    mail.starkgulf.com
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    info123#

Targets

    • Target

      doc444907897.pdf.exe

    • Size

      921KB

    • MD5

      0464c8fb6d0d275b197e6424afdcfe85

    • SHA1

      1ee7b29c21aadc96befa2f624ef92d43f0c3cd36

    • SHA256

      aee13239725c7dcc72761f58f97145f2972aaaf9dc9e91bf0dd5497cb063b21c

    • SHA512

      62cdb4e05549629036f4f2c512e145f25cc8b82aa554ce038ac5134e6451bc96fda228ca087ad9b20f98fda394d743eceaa6d0030c6325f47b7052db778d192e

    • SSDEEP

      12288:apivtpJkLZHCv06s5bg8OsvepzZFc9MZZw7cdRJfOB66vKkPJTQK6YhyB6A9mhne:LMH6sRbO0epzsiccdqB66vbTk

    Score
    10/10
    • BluStealer

      A modular information stealer written in Visual Basic.

    • Suspicious use of SetThreadContext
