Overview

overview

10

Static

static

3

e4b3a32bd8...18.exe

windows7-x64

10

e4b3a32bd8...18.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e4b3a32bd8e0d3bfe3e9ce61cac71371_JaffaCakes118

  • Size

    799KB

  • Sample

    240407-mehtfaaf4v

  • MD5

    e4b3a32bd8e0d3bfe3e9ce61cac71371

  • SHA1

    48ca59d9b3611f99ff7b27ecbb8b357947886502

  • SHA256

    eda2fc4d3eab34d348d29a72354a51726080f18ce1c1a7a425596ff182a53ecb

  • SHA512

    0a0c5c8e94c2f8ddc770bc6fffb8901f32aae013e2eaf1cd07e56c091ae94812d60daad3f0ea40ce44712bd194cedf146ece0d01b22f948bbbae238002b61afd

  • SSDEEP

    24576:ZtZKp01h2QuJl5RzAI4j5ftAXVJJxF0HivpZT0u+3:M+1hMXsI4Nf2XlxF0CBZHw

Score
10/10
blustealerstealer

Malware Config

Extracted

Family

blustealer

C2

https://api.telegram.org/bot1816395306:AAE3ZBLYV2L9aT9mL8itL9vr3RP6nOz_B1o/sendMessage?chat_id=1368673464

Targets

    • Target

      e4b3a32bd8e0d3bfe3e9ce61cac71371_JaffaCakes118

    • Size

      799KB

    • MD5

      e4b3a32bd8e0d3bfe3e9ce61cac71371

    • SHA1

      48ca59d9b3611f99ff7b27ecbb8b357947886502

    • SHA256

      eda2fc4d3eab34d348d29a72354a51726080f18ce1c1a7a425596ff182a53ecb

    • SHA512

      0a0c5c8e94c2f8ddc770bc6fffb8901f32aae013e2eaf1cd07e56c091ae94812d60daad3f0ea40ce44712bd194cedf146ece0d01b22f948bbbae238002b61afd

    • SSDEEP

      24576:ZtZKp01h2QuJl5RzAI4j5ftAXVJJxF0HivpZT0u+3:M+1hMXsI4Nf2XlxF0CBZHw

    Score
    10/10
    blustealerstealer

    • BluStealer

      A Modular information stealer written in Visual Basic.

      stealerblustealer

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks