General

  • Target

    2a52adef8906a92fa4b4feb96c1b8c26

  • Size

    707KB

  • Sample

    231231-gb5k5sfedp

  • MD5

    2a52adef8906a92fa4b4feb96c1b8c26

  • SHA1

    5bc7a3c740295e6e0a0c2455be73c5c6669a8171

  • SHA256

    8940eb56fcbcf0b9e9f1ca34b9e2671bf9f0494eed2b00254cc916378337c0bd

  • SHA512

    09f6c07b2d09937aa12c8befcceab02e8069ee661a97dc39af6531ae8277f7c10680eb3375ce2ad8a6111561af829d4ef543220beeeb6b86fdc85b4d44055caf

  • SSDEEP

    12288:aPtYLDXEk6PT0/ZxSnw7NGUNIXIo6RPuxR51ee0PRNuU1:AtYLDUk6Pwkw5dkIo6RjzPv1

Malware Config

Extracted

Family

blustealer

Credentials

  • Protocol:
    smtp
  • Host:
    restd.xyz
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    E^6666?VJo99/*
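As an added example (not part of this report or of the sandbox's own tooling), the following Python script turns the indicators above into two checks a responder can run offline: matching a file's digests against the reported hashes, and flagging outbound connections to the SMTP host from the extracted BluStealer config in a connection log. The hashes, host and port are copied from this report; the log format and the log lines are constructed for illustration only.

```python
"""Offline IOC checks built from the sandbox report above (added example).

Hashes, exfil host and port come from the report. The connection-log
format and the sample lines are constructed for this example."""
import hashlib
import re
from dataclasses import dataclass

# File hashes from the report's General section.
SAMPLE_HASHES = {
    "md5": "2a52adef8906a92fa4b4feb96c1b8c26",
    "sha1": "5bc7a3c740295e6e0a0c2455be73c5c6669a8171",
    "sha256": "8940eb56fcbcf0b9e9f1ca34b9e2671bf9f0494eed2b00254cc916378337c0bd",
    "sha512": "09f6c07b2d09937aa12c8befcceab02e8069ee661a97dc39af6531ae8277f7c1"
              "0680eb3375ce2ad8a6111561af829d4ef543220beeeb6b86fdc85b4d44055caf",
}

# Exfiltration channel from the extracted BluStealer config.
EXFIL_HOST = "restd.xyz"
EXFIL_PORT = 587


def hash_bytes(data: bytes) -> dict:
    """Compute the same four digests the report lists."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
    }


def hash_file(path: str) -> dict:
    """Digest a file on disk (read fully; the sample is only 707KB)."""
    with open(path, "rb") as f:
        return hash_bytes(f.read())


def matches_sample(digests: dict) -> bool:
    """True if the strongest digest available equals the reported sample.

    SHA-512/SHA-256 are preferred; MD5 and SHA-1 are collision-prone and
    only used when nothing stronger was supplied."""
    for algo in ("sha512", "sha256", "sha1", "md5"):
        if algo in digests:
            return digests[algo].lower() == SAMPLE_HASHES[algo]
    return False


# Constructed log format: "<timestamp> <src_ip> <dst_host> <dst_port> <proto>".
LOG_RE = re.compile(r"^(\S+)\s+(\S+)\s+(\S+)\s+(\d+)\s+(\S+)$")


@dataclass
class Hit:
    ts: str
    src: str
    dst: str
    port: int
    port_matches_config: bool


def find_exfil_connections(lines) -> list:
    """Flag every connection to the configured SMTP host.

    Matching on the host alone (any port) also catches a rebuilt sample
    whose config keeps the host but changes the port; the flag records
    whether the port matched the extracted config."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line.strip())
        if not m:
            continue  # skip lines that do not fit the expected format
        ts, src, dst, port, _proto = m.groups()
        if dst.lower() == EXFIL_HOST:
            hits.append(Hit(ts, src, dst, int(port), int(port) == EXFIL_PORT))
    return hits


# Constructed sample log lines (not from the original report).
SAMPLE_LOG = [
    "2023-12-31T10:00:01Z 10.0.0.5 mail.example.com 587 smtp",
    "2023-12-31T10:00:04Z 10.0.0.5 restd.xyz 587 smtp",
    "2023-12-31T10:00:09Z 10.0.0.7 RESTD.XYZ 25 smtp",
    "malformed line",
]

if __name__ == "__main__":
    for hit in find_exfil_connections(SAMPLE_LOG):
        print(f"{hit.ts} {hit.src} -> {hit.dst}:{hit.port} "
              f"(port matches config: {hit.port_matches_config})")
```

To check a suspected file, call `matches_sample(hash_file(path))`; the SSDEEP value from the report is not compared here because it needs the ssdeep library and a similarity threshold rather than equality.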

Targets

    • BluStealer

      A modular information stealer written in Visual Basic.

    • Detect ZGRat V1

    • ZGRat

      ZGRat is a remote access trojan written in C#.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks