Extracted

• • Target

    0bb1c29f4a8c046e798cd9781cc127a7

  • Size

    876KB

  • MD5

    0bb1c29f4a8c046e798cd9781cc127a7

  • SHA1

    bbad89c8d04b20f63d36014f00ded3818e595a53

  • SHA256

    139b8756b01add9dcac07d3a0137b0ea49a932fc4804ad0eca63ffc2958eda72

  • SHA512

    4b439bd85c725f104be24956525a6ae1a16dba28fe254695cbd667933d0cce2225e9a0f934ef17e1f5ef65ac033aa6ed72d016e3bed0bf270dd3d1eef12de63f

  • SSDEEP

    12288:+nkguFRskuUAlWC/44toU73kJiIWK4vV9BrFZsk1q1/1Yah2UKbnltqvTmDcN:0kEkuUAlV46zbk6K6VVZsuSYgF+qvH

  Score

  10^/10

  a310loggerblustealercollectionspywarestealer

  • A310logger

    A310 Logger is a .NET stealer/logger targeting passwords from browsers and email clients.

    stealerspywarea310logger

  • BluStealer

    A Modular information stealer written in Visual Basic.

    stealerblustealer

  • A310logger Executable

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Loads dropped DLL

  • Reads local data of messenger clients

    Infostealers often target stored data of messaging applications, which can include saved credentials and account information.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Accesses cryptocurrency files/wallets, possible credential harvesting

    spyware

  • Suspicious use of SetThreadContext

  behavioral1behavioral2