blustealer | b281be38a190ca97b700202096f56b29ff68740c0d40273f286e03d52685321e | Triage

Submit
Reports

Overview

overview

Static

static

3

53f6d4b448...5d.exe

windows7-x64

53f6d4b448...5d.exe

windows10-2004-x64

3

Sharing

General

Target

53f6d4b448f270023ee30f231c53cf5d
Size

486KB
Sample

240111-tjd5dabfg6
MD5

53f6d4b448f270023ee30f231c53cf5d
SHA1

c58946d81281aa1907c8e31273f67e14f3c8ba3b
SHA256

b281be38a190ca97b700202096f56b29ff68740c0d40273f286e03d52685321e
SHA512

18c08c35498c98545042b21592b6357806626a42c2eca4fb4333104e022696586d907c1b82d31693031cf9abd1b3a319500758e715fbadc7d04c0ea4d3e2bfea
SSDEEP

12288:mxDp/GBC1aNaJ+W3YQyaOfujHwx7Eqi9gPQeuab:mdBGsQN49ozxIqJruw

Score

10^/10

blustealer stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

53f6d4b448f270023ee30f231c53cf5d.exe

Resource

win7-20231215-en

blustealer stealer

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

53f6d4b448f270023ee30f231c53cf5d.exe

Resource

win10v2004-20231222-en

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Extracted

Family

blustealer

Credentials

Protocol: smtp
Host:
mail.dm-teh.com
Port:
587
Username:
[email protected]
Password:
Vm@(O;CO.vEQ

Targets

- Target
  
  53f6d4b448f270023ee30f231c53cf5d
- Size
  
  486KB
- MD5
  
  53f6d4b448f270023ee30f231c53cf5d
- SHA1
  
  c58946d81281aa1907c8e31273f67e14f3c8ba3b
- SHA256
  
  b281be38a190ca97b700202096f56b29ff68740c0d40273f286e03d52685321e
- SHA512
  
  18c08c35498c98545042b21592b6357806626a42c2eca4fb4333104e022696586d907c1b82d31693031cf9abd1b3a319500758e715fbadc7d04c0ea4d3e2bfea
- SSDEEP
  
  12288:mxDp/GBC1aNaJ+W3YQyaOfujHwx7Eqi9gPQeuab:mdBGsQN49ozxIqJruw
Score

10^/10

blustealer stealer
- BluStealer
  A Modular information stealer written in Visual Basic.
  stealer blustealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

blustealerstealer

behavioral2

© 2018-2024

Terms | Privacy