SYMBOLCOMMON_NAMEaka. SYNONYMS
win.blustealer (Back to overview)

BluStealer

aka: a310logger

Avast describe this malware as a recombination of other malware including SpyEx, ThunderFox, ChromeRecovery, StormKitty, and firepwd.

References
2021-10-07BlackberryThe BlackBerry Research & Intelligence Team
@online{team:20211007:threat:f124dbd, author = {The BlackBerry Research & Intelligence Team}, title = {{Threat Thursday: BluStealer Infostealer}}, date = {2021-10-07}, organization = {Blackberry}, url = {https://blogs.blackberry.com/en/2021/10/threat-thursday-blustealer-infostealer}, language = {English}, urldate = {2021-10-11} } Threat Thursday: BluStealer Infostealer
BluStealer
2021-09-22GoSecureGoSecure
@online{gosecure:20210922:gosecure:c1946aa, author = {GoSecure}, title = {{GoSecure Titan Labs Technical Report: BluStealer Malware Threat}}, date = {2021-09-22}, organization = {GoSecure}, url = {https://www.gosecure.net/blog/2021/09/22/gosecure-titan-labs-technical-report-blustealer-malware-threat/}, language = {English}, urldate = {2021-09-23} } GoSecure Titan Labs Technical Report: BluStealer Malware Threat
BluStealer
2021-09-20Avast DecodedAnh ho
@online{ho:20210920:blustealer:9beaf4b, author = {Anh ho}, title = {{BluStealer: from SpyEx to ThunderFox}}, date = {2021-09-20}, organization = {Avast Decoded}, url = {https://decoded.avast.io/anhho/blustealer/}, language = {English}, urldate = {2021-09-22} } BluStealer: from SpyEx to ThunderFox
BluStealer
2021-09-13Twitter (@GoSecure_Inc)GoSecure
@online{gosecure:20210913:bluestealer:62a42aa, author = {GoSecure}, title = {{Tweet on BlueStealer}}, date = {2021-09-13}, organization = {Twitter (@GoSecure_Inc)}, url = {https://twitter.com/GoSecure_Inc/status/1437435265350397957}, language = {English}, urldate = {2021-09-22} } Tweet on BlueStealer
BluStealer

There is no Yara-Signature yet.