General

  • Target

    Blue Stealer.zip

  • Size

    6.8MB

  • MD5

    75995fde46a5836b53051bb8c8555691

  • SHA1

    c551d6fd55994fd92dfc9faf90004417ec4618fc

  • SHA256

    d0c9a02a815aeecb435e78a7066c0e40c1d2b3af159ec2969333049ceec8ee7f

  • SHA512

    93cd0d0e725395277bd40d9a4a7d89fe2374914ec374d9fbc9ab87c9907cf35fdb907a8b3278338252b6bca452d1c99143c94c9184ffc6dc2d7fcb0bea649c02

  • SSDEEP

    196608:RHDxpP9lDZ4SM8Y1VIif7a2mz89lUUT1KE8X:Rj3LDZU8UGaa2m44UC

Score
10/10

Malware Config

Extracted

Family

xworm

C2

library-waiting.gl.at.ply.gg:13302

Attributes
  • Install_directory

    %AppData%

  • install_file

    Windows Helper.exe

Signatures

  • Detect Xworm Payload 1 IoCs
  • StormKitty payload 1 IoCs
  • Stormkitty family
  • Xworm family
  • Unsigned PE 8 IoCs

    Checks for missing Authenticode signature.

Files

  • Blue Stealer.zip
    .zip
  • Blue Stealer/Blue Stealer/Blue Stealer.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • Blue Stealer/Blue Stealer/RVGLib.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Blue Stealer/Blue Stealer/SimpleObfuscator.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Blue Stealer/Blue Stealer/dlls/All-In-One.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Blue Stealer/Blue Stealer/dlls/Informations.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Blue Stealer/Blue Stealer/dlls/Keylogger.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Blue Stealer/Blue Stealer/dlls/Recovery.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • Blue Stealer/Blue Stealer/dlls/Stealer.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa

