General

  • Target

    b44f95c332073b28fe95157f470f8f2a

  • Size

    1.0MB

  • Sample

    240305-kyjhzabb4v

  • MD5

    b44f95c332073b28fe95157f470f8f2a

  • SHA1

    ab9265412559d4992d540aa11f05d73e4f544374

  • SHA256

    fdb6b5f3b83553b83111bd61152a4c4bd29996d778d6c118f52f01abd9435fe5

  • SHA512

    25bd35d5bd9d233d9f0bc21afa1af51c2326a252d3afe16f65a22f17ec85bd7a73529b24f4408d20aa0aec84dc79339574f4e57f1876f480bbb6b23cc5aa8f4d

  • SSDEEP

    24576:TqLcMNjfhbU37ea2y1c+ExsjMW/GpsPzKnWjT9:QFhfhYa1yes4vqmnWv

Malware Config

Extracted

Family

blustealer

C2

https://api.telegram.org/bot1945669405:AAEo5Zfx9GfeIsr07vB55CuJD00-glDv8-w/sendMessage?chat_id=1890833638

Targets

    • A310logger

      A310 Logger is a .NET stealer/logger targeting passwords from browsers and email clients.

    • BluStealer

      A modular information stealer written in Visual Basic.

    • A310logger Executable

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads WinSCP keys stored on the system

      Tries to access WinSCP stored sessions.

    • Reads local data of messenger clients

      Infostealers often target stored data of messaging applications, which can include saved credentials and account information.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • Accesses Microsoft Outlook profiles

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks
