blustealer | ff5ec2c1351e835e479f1d02f65722274f6d07d26a82ae14d6d01a859b41248a | Triage

Submit
Reports

Overview

overview

Static

static

3

d82a5a3a21...4e.exe

windows7-x64

d82a5a3a21...4e.exe

windows10-2004-x64

1

Sharing

General

Target

d82a5a3a213d381f1a8975148713994e
Size

489KB
Sample

240320-hq37asbg5w
MD5

d82a5a3a213d381f1a8975148713994e
SHA1

0bd310364b8ab6b44bfe8624505592a8f1d0e1d5
SHA256

ff5ec2c1351e835e479f1d02f65722274f6d07d26a82ae14d6d01a859b41248a
SHA512

3bbd4697db01fcf5cae99e574a5d3f0f089dee8a18fd64fe41441bb8cce65f95f8f5c60432dd99b34d27ed9b452f30e10079b76caa3d38214980ee45df98988b
SSDEEP

12288:wAEGG7mC+J8x2JM/TlxUYUvilkw1lToXQlfoDGxq92h3kcdOdALZ4:0tz0K2JM/ThUvo1lToXEADJ03rd6AL+

Score

10^/10

blustealer stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

d82a5a3a213d381f1a8975148713994e.exe

Resource

win7-20231129-en

blustealer stealer

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

d82a5a3a213d381f1a8975148713994e.exe

Resource

win10v2004-20240319-en

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Extracted

Family

blustealer

Credentials

Protocol: smtp
Host:
mail.farm-finn.com
Port:
587
Username:
shan@farm-finn.com
Password:
shanti@shant

Targets

- Target
  
  d82a5a3a213d381f1a8975148713994e
- Size
  
  489KB
- MD5
  
  d82a5a3a213d381f1a8975148713994e
- SHA1
  
  0bd310364b8ab6b44bfe8624505592a8f1d0e1d5
- SHA256
  
  ff5ec2c1351e835e479f1d02f65722274f6d07d26a82ae14d6d01a859b41248a
- SHA512
  
  3bbd4697db01fcf5cae99e574a5d3f0f089dee8a18fd64fe41441bb8cce65f95f8f5c60432dd99b34d27ed9b452f30e10079b76caa3d38214980ee45df98988b
- SSDEEP
  
  12288:wAEGG7mC+J8x2JM/TlxUYUvilkw1lToXQlfoDGxq92h3kcdOdALZ4:0tz0K2JM/ThUvo1lToXEADJ03rd6AL+
Score

10^/10

blustealer stealer
- BluStealer
  A Modular information stealer written in Visual Basic.
  stealer blustealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

blustealerstealer

behavioral2

© 2018-2024

Terms | Privacy