General
-
Target
0bb1c29f4a8c046e798cd9781cc127a7
-
Size
876KB
-
Sample
231230-cyxrlacdbm
-
MD5
0bb1c29f4a8c046e798cd9781cc127a7
-
SHA1
bbad89c8d04b20f63d36014f00ded3818e595a53
-
SHA256
139b8756b01add9dcac07d3a0137b0ea49a932fc4804ad0eca63ffc2958eda72
-
SHA512
4b439bd85c725f104be24956525a6ae1a16dba28fe254695cbd667933d0cce2225e9a0f934ef17e1f5ef65ac033aa6ed72d016e3bed0bf270dd3d1eef12de63f
-
SSDEEP
12288:+nkguFRskuUAlWC/44toU73kJiIWK4vV9BrFZsk1q1/1Yah2UKbnltqvTmDcN:0kEkuUAlV46zbk6K6VVZsuSYgF+qvH
Static task
static1
Behavioral task
behavioral1
Sample
0bb1c29f4a8c046e798cd9781cc127a7.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
0bb1c29f4a8c046e798cd9781cc127a7.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
blustealer
Protocol: smtp- Host:
smtp.privateemail.com - Port:
587 - Username:
[email protected] - Password:
@@@@@@
Targets
-
-
Target
0bb1c29f4a8c046e798cd9781cc127a7
-
Size
876KB
-
MD5
0bb1c29f4a8c046e798cd9781cc127a7
-
SHA1
bbad89c8d04b20f63d36014f00ded3818e595a53
-
SHA256
139b8756b01add9dcac07d3a0137b0ea49a932fc4804ad0eca63ffc2958eda72
-
SHA512
4b439bd85c725f104be24956525a6ae1a16dba28fe254695cbd667933d0cce2225e9a0f934ef17e1f5ef65ac033aa6ed72d016e3bed0bf270dd3d1eef12de63f
-
SSDEEP
12288:+nkguFRskuUAlWC/44toU73kJiIWK4vV9BrFZsk1q1/1Yah2UKbnltqvTmDcN:0kEkuUAlV46zbk6K6VVZsuSYgF+qvH
Score10/10-
A310logger
A310 Logger is a .NET stealer/logger targeting passwords from browsers and email clients.
-
A310logger Executable
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses Microsoft Outlook profiles
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Suspicious use of SetThreadContext
-