blustealer | c6f6c1f109775f68b9be3920c5c46d0f5ae5b8b45d45c11abaf952b6098039a0 | Triage

Submit
Reports

Overview

overview

Static

static

3

30c9249824...9b.exe

windows7-x64

30c9249824...9b.exe

windows10-2004-x64

1

Sharing

General

Target

30c9249824971b80aec6d2458374a09b
Size

879KB
Sample

231225-vz39wafeg6
MD5

30c9249824971b80aec6d2458374a09b
SHA1

ba9c7ff0ebd880a0af019aba4948d898821318bd
SHA256

c6f6c1f109775f68b9be3920c5c46d0f5ae5b8b45d45c11abaf952b6098039a0
SHA512

1bcfce1e0ee81393e02f2e80521e48b2d6f22298d49f2fe10d0b7e3d2ab9fe472dcb7e19007d029d5d11c06535f3ce48ac402f00bad813b4124ffb7011bf2afd
SSDEEP

12288:aKoLScJXjvekjHRUhZFhcc1MNQpkzdsd7mWArXlQ02qTSS0+Y0Ut855u1e+cO:ENDfHR0NnUQ2moQc2S0+YJV9

Score

10^/10

blustealer stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

30c9249824971b80aec6d2458374a09b.exe

Resource

win7-20231129-en

blustealer stealer

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

30c9249824971b80aec6d2458374a09b.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Extracted

Family

blustealer

Credentials

Protocol: smtp
Host:
smtp.1and1.es
Port:
587
Username:
[email protected]
Password:
Somunics.1234

Targets

- Target
  
  30c9249824971b80aec6d2458374a09b
- Size
  
  879KB
- MD5
  
  30c9249824971b80aec6d2458374a09b
- SHA1
  
  ba9c7ff0ebd880a0af019aba4948d898821318bd
- SHA256
  
  c6f6c1f109775f68b9be3920c5c46d0f5ae5b8b45d45c11abaf952b6098039a0
- SHA512
  
  1bcfce1e0ee81393e02f2e80521e48b2d6f22298d49f2fe10d0b7e3d2ab9fe472dcb7e19007d029d5d11c06535f3ce48ac402f00bad813b4124ffb7011bf2afd
- SSDEEP
  
  12288:aKoLScJXjvekjHRUhZFhcc1MNQpkzdsd7mWArXlQ02qTSS0+Y0Ut855u1e+cO:ENDfHR0NnUQ2moQc2S0+YJV9
Score

10^/10

blustealer stealer
- BluStealer
  A Modular information stealer written in Visual Basic.
  stealer blustealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

blustealerstealer

behavioral2

© 2018-2024

Terms | Privacy