General
-
Target
871b6a4de6279ebb6423407024b11d457102599a03bb040efb530f5c48d7b31c.exe
-
Size
46KB
-
Sample
250324-bmb53swly2
-
MD5
4f16665f1e31827bc02b65e3142b60d7
-
SHA1
6000f8dfeb1ad5d2020ce664e7b97546a91a0f1b
-
SHA256
871b6a4de6279ebb6423407024b11d457102599a03bb040efb530f5c48d7b31c
-
SHA512
2b962608cb61b83cc1b2cd2abb5d57dd6f1f7fa93148c805ea75b6d6615cd31162cc40cb86f210a768a6fcc53207e0c209f218b6acd84fe4d52140cde6d3289f
-
SSDEEP
768:ePyFZFASe0Ep0EpHZplRpqpd6rqxn4p6vghzwYu7vih9GueIh9j2IoHAjU+Eh6Ik:e6q10k0EFjed6rqJ+6vghzwYu7vih9GY
Malware Config
Extracted
blihanstealer
pomdfghrt
-
user_agent
Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; CIBA; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
Targets
-
-
Target
871b6a4de6279ebb6423407024b11d457102599a03bb040efb530f5c48d7b31c.exe
-
Size
46KB
-
MD5
4f16665f1e31827bc02b65e3142b60d7
-
SHA1
6000f8dfeb1ad5d2020ce664e7b97546a91a0f1b
-
SHA256
871b6a4de6279ebb6423407024b11d457102599a03bb040efb530f5c48d7b31c
-
SHA512
2b962608cb61b83cc1b2cd2abb5d57dd6f1f7fa93148c805ea75b6d6615cd31162cc40cb86f210a768a6fcc53207e0c209f218b6acd84fe4d52140cde6d3289f
-
SSDEEP
768:ePyFZFASe0Ep0EpHZplRpqpd6rqxn4p6vghzwYu7vih9GueIh9j2IoHAjU+Eh6Ik:e6q10k0EFjed6rqJ+6vghzwYu7vih9GY
Score10/10-
BlihanStealer
Blihan is a stealer written in C++.
-
Blihanstealer family
-
Deletes itself
-
Executes dropped EXE
-
Adds Run key to start application
-