General
Target: 92f5e87abf9c56629ea18d38fd358c554842492ed2dd927f5da116312bb341e0
Size: 953KB
Sample: 241216-p5jjrs1kb1
MD5: 685315094a528c85b57e32fdd640b2c0
SHA1: 5386ade339f9beac050875e91f1a068c7b28cc61
SHA256: 92f5e87abf9c56629ea18d38fd358c554842492ed2dd927f5da116312bb341e0
SHA512: 765087694c46a8a31a2b03aed21373b2c8879ae4d0ef0e7cc7768ddfd066b36289ac48f1dce346d6816a84419ad7bcd93ec32f16a57c38acf54b2dac4873986d
SSDEEP: 24576:wkp3To+6N/Wnlz0BzxTQXzsTPS2iIzOYU5dRK:fp3vQyIzCwLrFCvd8
Static task: static1
Behavioral task: behavioral1
Sample: BlueMail.exe
Resource: win7-20241010-en
Malware Config
Extracted
systembc
wodresomdaymomentum.org
-
dns
5.132.191.104
Targets
Target: BlueMail.exe
Size: 1006KB
MD5: 0630c2c8a8c85dca0b36513ad79967e8
SHA1: 9dafbb4ef4c4ecbd78aa9f4c8f0260a8aba2baf4
SHA256: 341082f1ded57c304632b7607119183bb78ba76e1b492f3e4a706fd83c1bc13d
SHA512: 2e200220d5b8ab644274af62de19b36c502ca8c6e9a450e2ac61c8f5cce20a45d73200d4d8f45b1b45a4b3a645c103a61110d5f4273783f06ccabe6f1c407350
SSDEEP: 24576:W0RHvPoU6t/Wn5z09zDxeXTMT9m2OyzUYc:lHvB+QmzoIZ3Bw
Suspicious use of NtCreateUserProcessOtherParentProcess
Systembc family
Drops startup file
Executes dropped EXE
Suspicious use of SetThreadContext