chg: [stealer] Removes BluStealer

The BluStealer is already in the malpedia cluster. Signed-off-by: Jürgen Löhel <juergen.loehel@inlyse.com>
2023-01-30 18:35:28 -06:00 · 2023-01-30 18:35:28 -06:00 · c7c2b8441a
parent ca635cc3fc
commit c7c2b8441a
1 changed files with 1 additions and 20 deletions
--- a/clusters/stealer.json
+++ b/clusters/stealer.json
@ -167,25 +167,6 @@
      "uuid": "d410b534-07a4-4190-b253-f6616934bea6",
      "value": "WorldWind"
    },
-    {
-      "description": "Avast describe this malware as a recombination of other malware including SpyEx, ThunderFox, ChromeRecovery, StormKitty, and firepwd.",
-      "meta": {
-        "refs": [
-          "https://malpedia.caad.fkie.fraunhofer.de/details/win.blustealer",
-          "https://blogs.blackberry.com/en/2022/05/dot-net-stubs-sowing-the-seeds-of-discord",
-          "https://minerva-labs.com/blog/a-new-blustealer-loader-uses-direct-syscalls-to-evade-edrs/",
-          "https://blogs.blackberry.com/en/2021/10/threat-thursday-blustealer-infostealer",
-          "https://www.gosecure.net/blog/2021/09/22/gosecure-titan-labs-technical-report-blustealer-malware-threat/",
-          "https://decoded.avast.io/anhho/blustealer/",
-          "https://twitter.com/GoSecure_Inc/status/1437435265350397957"
-        ]
-      },
-      "synonyms": [
-        "a310logger"
-      ],
-      "uuid": "ac565486-89c1-4984-9bee-9202d8a5134d",
-      "value": "BluStealer"
-    },
    {
      "description": "Stealer is written in Visual Basic.",
      "meta": {
@ -196,7 +177,7 @@
      },
      "related": [
        {
-          "dest-uuid": "ac565486-89c1-4984-9bee-9202d8a5134d",
+          "dest-uuid": "cb4bfed3-3042-4a29-a72d-c8b5c510faea",
          "tags": [
            "estimative-language:likelihood-probability=\"very-likely\""
          ],