Extracted

• • Target

    9fbfa26e891d310cf1c766834b76b1e3

  • Size

    1.2MB

  • MD5

    9fbfa26e891d310cf1c766834b76b1e3

  • SHA1

    619af6bf696d00d8a5f50f320486e28a28736933

  • SHA256

    c4f72c811a7b6f83b8cde40cbc757b3ed51eaea7c55edcc6f659389d011687fe

  • SHA512

    6cd9e3ab966f1e86a715fbc53c9a4b1f950c9261643d56a92f00c88b665d653d25370c75332e9cd3271d903f0de6ae2f9b8753e8245de7fb606d6303bd4dfe22

  • SSDEEP

    24576:Jrrna/Z+FPJYAocuxb8Jvb4DWBFAy4+ViNVhJHP:U/OBAt8Jv0DYFAyVoVhJHP

  Score

  10^/10

  a310loggerblustealercollectionspywarestealer

  • A310logger

    A310 Logger is a .NET stealer/logger targeting passwords from browsers and email clients.

    stealerspywarea310logger

  • BluStealer

    A Modular information stealer written in Visual Basic.

    stealerblustealer

  • A310logger Executable

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Loads dropped DLL

  • Reads local data of messenger clients

    Infostealers often target stored data of messaging applications, which can include saved credentials and account information.

    spywarestealer

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2