blustealer | b080bdfe0c1e6065997164216ff6d7d453da2a92f354805f0b1d7bc0e5d80f07 | Triage

Sharing

General

Target

38c7c190f42c9b02e294eb1d2ecdd288
Size

676KB
Sample

231231-q68eysgdcl
MD5

38c7c190f42c9b02e294eb1d2ecdd288
SHA1

e3380ec61f592b579f217d26eacc3f18f303bf31
SHA256

b080bdfe0c1e6065997164216ff6d7d453da2a92f354805f0b1d7bc0e5d80f07
SHA512

159becd2a284a934726d3f3ef14363406349216832fa57644345b679e97adcdb88a515ab93d749446bd2f7a704c2e4614856d4b5bb91b297acd736f22b2213d0
SSDEEP

12288:3LhJCf/j8wqDqK+hMJagb0/6vxF5dNrd4n5j8bpItZUzuv:3L7+/jVqOLhgaO0CxvrlbYZUyv

Score

10^/10

blustealer stealer

Malware Config

Extracted

Family

blustealer

Credentials

Protocol: smtp
Host:
smtp.privateemail.com
Port:
587
Username:
[email protected]
Password:
@@@@@@

Targets

- Target
  
  38c7c190f42c9b02e294eb1d2ecdd288
- Size
  
  676KB
- MD5
  
  38c7c190f42c9b02e294eb1d2ecdd288
- SHA1
  
  e3380ec61f592b579f217d26eacc3f18f303bf31
- SHA256
  
  b080bdfe0c1e6065997164216ff6d7d453da2a92f354805f0b1d7bc0e5d80f07
- SHA512
  
  159becd2a284a934726d3f3ef14363406349216832fa57644345b679e97adcdb88a515ab93d749446bd2f7a704c2e4614856d4b5bb91b297acd736f22b2213d0
- SSDEEP
  
  12288:3LhJCf/j8wqDqK+hMJagb0/6vxF5dNrd4n5j8bpItZUzuv:3L7+/jVqOLhgaO0CxvrlbYZUyv
Score

10^/10

blustealer stealer
- BluStealer
  A Modular information stealer written in Visual Basic.
  stealer blustealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

blustealerstealer

behavioral2