General

  • Target: 40da869663b70d81a92ec0bdb29ef61d
  • Size: 2.6MB
  • Sample: 240104-plhs5aaad5
  • MD5: 40da869663b70d81a92ec0bdb29ef61d
  • SHA1: c37ca05022049f320a6bf2e72a2be07e73004841
  • SHA256: 3604207260cf40780709d081796c8e86cc810f688e2973b1d325b01f40169030
  • SHA512: 53d5a6f170516ce2b497bdd941e919506f18ce61db7102f6b61d4e31ddaaa813ab727e3d7ed90d94fb2ea6e9bac5c65f32f14849dd10fbe31bf4ed2e093e1100
  • SSDEEP: 24576:T8QxsrJyXFN1ggvYwM/KhgTkC+bLXu7ckQ6eHmPm:TVQJg/gFuRPG+

Malware Config

Extracted

  • Family: blustealer

Credentials

  • Protocol: smtp
  • Host: smtp.vivaldi.net
  • Port: 587
  • Username: [email protected]
  • Password: 67968664JeBlachqwin

Targets

    • BluStealer

      A modular information stealer written in Visual Basic.

    • Detect ZGRat V1

    • ZGRat

      ZGRat is a remote access trojan written in C#.

    • Suspicious use of SetThreadContext