blustealer | 4a0b8f4dbb3acd1bbab1527d90921061bef21f3422250dcc41b8046b77edbd9b | Triage

Submit
Reports

Overview

overview

Static

static

3

941ffbcc54...1d.exe

windows7-x64

941ffbcc54...1d.exe

windows10-2004-x64

Sharing

General

Target

941ffbcc54a5826dde6e2d35f2fc761d
Size

489KB
Sample

240206-h3cvwaadd2
MD5

941ffbcc54a5826dde6e2d35f2fc761d
SHA1

fc892954c47237abfc7956450aa13e5ad2d97488
SHA256

4a0b8f4dbb3acd1bbab1527d90921061bef21f3422250dcc41b8046b77edbd9b
SHA512

85327aa14dfdd4f7e8fb8387fc8f47066abd5037cb3d080444d17e40fb7d49803b86c5d971b434f872130a152590ac14df1fc3025954625cd9ec637c71b2e635
SSDEEP

12288:+pxLkSqnEa1yg6PbvF1yC62hkh2pf05T70sZ0XNfM:jaZ1yQC5gXtM

Score

10^/10

blustealer stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

941ffbcc54a5826dde6e2d35f2fc761d.exe

Resource

win7-20231215-en

blustealer stealer

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

941ffbcc54a5826dde6e2d35f2fc761d.exe

Resource

win10v2004-20231215-en

blustealer stealer

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

blustealer

Credentials

Protocol: smtp
Host:
mail.dm-teh.com
Port:
587
Username:
[email protected]
Password:
Vm@(O;CO.vEQ

Targets

- Target
  
  941ffbcc54a5826dde6e2d35f2fc761d
- Size
  
  489KB
- MD5
  
  941ffbcc54a5826dde6e2d35f2fc761d
- SHA1
  
  fc892954c47237abfc7956450aa13e5ad2d97488
- SHA256
  
  4a0b8f4dbb3acd1bbab1527d90921061bef21f3422250dcc41b8046b77edbd9b
- SHA512
  
  85327aa14dfdd4f7e8fb8387fc8f47066abd5037cb3d080444d17e40fb7d49803b86c5d971b434f872130a152590ac14df1fc3025954625cd9ec637c71b2e635
- SSDEEP
  
  12288:+pxLkSqnEa1yg6PbvF1yC62hkh2pf05T70sZ0XNfM:jaZ1yQC5gXtM
Score

10^/10

blustealer stealer
- BluStealer
  A Modular information stealer written in Visual Basic.
  stealer blustealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

blustealerstealer

behavioral2

blustealerstealer

© 2018-2024

Terms | Privacy