General

  • Target

    56688aac45f687d84e6c849c54e0a7df

  • Size

    720KB

  • Sample

    240112-n7rgqagbg9

  • MD5

    56688aac45f687d84e6c849c54e0a7df

  • SHA1

    16de7a0e6e04e270690298eb65371080d3ba845d

  • SHA256

    cc940530ec434423139fc9ce98906ba0f74ad6d4d8f482148ad896da57b87f0d

  • SHA512

    7a20a9069d52914095ac667ee877c62372ec9ec351d4f7e204efdfb2be6c57be59d54fc517bb0f639437aa45f0884fec14e38e3a51fbdc97be33dd2bc9532cbe

  • SSDEEP

    12288:UtmbQmxRoMLzeDiWLq2KkzAhhv+bOCYE418hzx7O7PRuo2fHU1:UY05kmALoHYH18hVO7Zuoc01

Malware Config

Extracted

Family

blustealer

Credentials

  • Protocol:
    smtp
  • Host:
    netjul.xyz
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    t+Ip=i&C}jY5

Targets

    • BluStealer

      A modular information stealer written in Visual Basic.

    • Detect ZGRat V1

    • ZGRat

      ZGRat is a remote access trojan written in C#.

    • Suspicious use of SetThreadContext
