a310logger | 5376e7e271739ec94123ba33b4061ace8309950174746e962c8bade29b571984 | Triage

Submit
Reports

Overview

overview

Static

static

3

60d4e77911...b3.exe

windows7-x64

1

60d4e77911...b3.exe

windows10-2004-x64

Sharing

General

Target

60d4e7791158258a1c7a50570021acb3
Size

1.2MB
Sample

240116-zg141sbbf8
MD5

60d4e7791158258a1c7a50570021acb3
SHA1

107cbdad79622f6112f4d5eaa2319ea85fa97a9f
SHA256

5376e7e271739ec94123ba33b4061ace8309950174746e962c8bade29b571984
SHA512

6f8f6ad7ea17b8b4af31c013ee14272b2cdd6babf5c7775adbeccd9c9fb047a55ab75d8a46d69efc7826909d367ed9558aacf9195e2cf29a3eccbb71101902ce
SSDEEP

24576:HtImRbYyYAu/5LqBsskWKKIfga1HF/KPLGg3SknffSLexizH6ZQKxO5fLXBVmby+:9Jpv2qB/ku0T/Kyg3SEfjIzgQP9LXBYZ

Score

10^/10

a310logger blustealer collection spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

60d4e7791158258a1c7a50570021acb3.exe

Resource

win7-20231215-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

60d4e7791158258a1c7a50570021acb3.exe

Resource

win10v2004-20231215-en

a310logger blustealer collection spyware stealer

windows10-2004-x64

15 signatures

150 seconds

Malware Config

Extracted

Family

blustealer

Credentials

Protocol: smtp
Host:
smtp.privateemail.com
Port:
587
Username:
sales1@midombo.com
Password:
@@@@@@

Targets

- Target
  
  60d4e7791158258a1c7a50570021acb3
- Size
  
  1.2MB
- MD5
  
  60d4e7791158258a1c7a50570021acb3
- SHA1
  
  107cbdad79622f6112f4d5eaa2319ea85fa97a9f
- SHA256
  
  5376e7e271739ec94123ba33b4061ace8309950174746e962c8bade29b571984
- SHA512
  
  6f8f6ad7ea17b8b4af31c013ee14272b2cdd6babf5c7775adbeccd9c9fb047a55ab75d8a46d69efc7826909d367ed9558aacf9195e2cf29a3eccbb71101902ce
- SSDEEP
  
  24576:HtImRbYyYAu/5LqBsskWKKIfga1HF/KPLGg3SknffSLexizH6ZQKxO5fLXBVmby+:9Jpv2qB/ku0T/Kyg3SEfjIzgQP9LXBYZ
Score

10^/10

a310logger blustealer collection spyware stealer
- A310logger
  A310 Logger is a .NET stealer/logger targeting passwords from browsers and email clients.
  stealer spyware a310logger
- BluStealer
  A Modular information stealer written in Visual Basic.
  stealer blustealer
- A310logger Executable
- Executes dropped EXE
- Accesses Microsoft Outlook profiles
  collection
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

Lateral Movement

Collection

Email Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2

a310loggerblustealercollectionspywarestealer

© 2018-2024

Terms | Privacy