Overview

overview

10

Static

static

3

d82a5a3a21...4e.exe

windows7-x64

10

d82a5a3a21...4e.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d82a5a3a213d381f1a8975148713994e

  • Size

    489KB

  • Sample

    240320-hq37asbg5w

  • MD5

    d82a5a3a213d381f1a8975148713994e

  • SHA1

    0bd310364b8ab6b44bfe8624505592a8f1d0e1d5

  • SHA256

    ff5ec2c1351e835e479f1d02f65722274f6d07d26a82ae14d6d01a859b41248a

  • SHA512

    3bbd4697db01fcf5cae99e574a5d3f0f089dee8a18fd64fe41441bb8cce65f95f8f5c60432dd99b34d27ed9b452f30e10079b76caa3d38214980ee45df98988b

  • SSDEEP

    12288:wAEGG7mC+J8x2JM/TlxUYUvilkw1lToXQlfoDGxq92h3kcdOdALZ4:0tz0K2JM/ThUvo1lToXEADJ03rd6AL+

Score
10/10
blustealerstealer

Malware Config

Extracted

Family

blustealer

Credentials

  • Protocol:     smtp
  • Host:
    mail.farm-finn.com
  • Port:
    587
  • Username:
    [email protected]
  • Password:
    shanti@shant

Targets

    • Target

      d82a5a3a213d381f1a8975148713994e

    • Size

      489KB

    • MD5

      d82a5a3a213d381f1a8975148713994e

    • SHA1

      0bd310364b8ab6b44bfe8624505592a8f1d0e1d5

    • SHA256

      ff5ec2c1351e835e479f1d02f65722274f6d07d26a82ae14d6d01a859b41248a

    • SHA512

      3bbd4697db01fcf5cae99e574a5d3f0f089dee8a18fd64fe41441bb8cce65f95f8f5c60432dd99b34d27ed9b452f30e10079b76caa3d38214980ee45df98988b

    • SSDEEP

      12288:wAEGG7mC+J8x2JM/TlxUYUvilkw1lToXQlfoDGxq92h3kcdOdALZ4:0tz0K2JM/ThUvo1lToXEADJ03rd6AL+

    Score
    10/10
    blustealerstealer

    • BluStealer

      A Modular information stealer written in Visual Basic.

      stealerblustealer

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks