Overview

overview

10

Static

static

3

9ee21b7bda...91.exe

windows7-x64

10

9ee21b7bda...91.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9ee21b7bda8668d0a5e41273d0ce1291

  • Size

    735KB

  • Sample

    240215-3qfq8acd72

  • MD5

    9ee21b7bda8668d0a5e41273d0ce1291

  • SHA1

    bcd0969fa8441be09d256585a7bd7073d2725f59

  • SHA256

    738a485429af982afe764c392327ad1940bc0e2c53e46ccebc7e7528abaa9c9d

  • SHA512

    eff01ac098513e9a74dc75e6fa58f47dc51ad951d3667d1378eecc029c8378e7a386b6e2f8cf32d7b4be75b4ac90a6be8214751a4935da6e24d80315ee0ef6f1

  • SSDEEP

    12288:r7T2OCm5I7wjmyGR7GjOzv1S87j4HtkqYrp9yo0BNhc96DH/ofO/oKc:r7T2OCjkjmykyjOhH4HOqspDQ9X/M

Score
10/10
blustealerstealer

Malware Config

Extracted

Family

blustealer

C2

https://api.telegram.org/bot1838876767:AAEiDKTcT_A4WBwpMo9nnrtBP7OvsmEUnNU/sendMessage?chat_id=1300181783

Targets

    • Target

      9ee21b7bda8668d0a5e41273d0ce1291

    • Size

      735KB

    • MD5

      9ee21b7bda8668d0a5e41273d0ce1291

    • SHA1

      bcd0969fa8441be09d256585a7bd7073d2725f59

    • SHA256

      738a485429af982afe764c392327ad1940bc0e2c53e46ccebc7e7528abaa9c9d

    • SHA512

      eff01ac098513e9a74dc75e6fa58f47dc51ad951d3667d1378eecc029c8378e7a386b6e2f8cf32d7b4be75b4ac90a6be8214751a4935da6e24d80315ee0ef6f1

    • SSDEEP

      12288:r7T2OCm5I7wjmyGR7GjOzv1S87j4HtkqYrp9yo0BNhc96DH/ofO/oKc:r7T2OCjkjmykyjOhH4HOqspDQ9X/M

    Score
    10/10
    blustealerstealer

    • BluStealer

      A Modular information stealer written in Visual Basic.

      stealerblustealer

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks