General

  • Target

    ReaperLauncher.exe

  • Size

    7.3MB

  • Sample

    231013-vmaf2aeb96

  • MD5

    caa4f0f560bf42fef6c0e89d7ceea759

  • SHA1

    3647cdd5496ac08a185a2f0a6f27dd9657e51de8

  • SHA256

    61aced93eaca28fcf98fe0c4fa4167742e75fee9ffcc04c7223ade1435b6ae26

  • SHA512

    60fe8dfae3571d47e3d6f776e067146beb61b6e4aa1d2a2f36f2ecc3e1a2a7207e4228c1cc20455bdde1263922a9ad27957869a509f599d42ef37e4a0a8393d3

  • SSDEEP

    196608:mujYS6DOshoKMuIkhVastRL5Di3ue1D730J:ZYSgOshouIkPftRL54fREJ

Targets

    • Target

      ReaperLauncher.exe

    • Size

      7.3MB

    • MD5

      caa4f0f560bf42fef6c0e89d7ceea759

    • SHA1

      3647cdd5496ac08a185a2f0a6f27dd9657e51de8

    • SHA256

      61aced93eaca28fcf98fe0c4fa4167742e75fee9ffcc04c7223ade1435b6ae26

    • SHA512

      60fe8dfae3571d47e3d6f776e067146beb61b6e4aa1d2a2f36f2ecc3e1a2a7207e4228c1cc20455bdde1263922a9ad27957869a509f599d42ef37e4a0a8393d3

    • SSDEEP

      196608:mujYS6DOshoKMuIkhVastRL5Di3ue1D730J:ZYSgOshouIkPftRL54fREJ

    • Deletes Windows Defender Definitions

      Uses the mpcmdrun utility to delete all AV definitions.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive data.

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Target

      LHvޡ�.pyc

    • Size

      1KB

    • MD5

      ba320aa6fac1df7fbad463daeeddd830

    • SHA1

      e4621fa190c058a717e8eef9671128c4ea5094d0

    • SHA256

      dcea6e81efa11ad25d2b396052d62afe5de5525d10e34b6ff113c6a1011a3679

    • SHA512

      b6b0b585e566f041a70055baca67fd0d9a096b461bd9d215237c8bbf70c8b5910b8e1843e903945dd8a8f4f379f08f701329c1bacfc7e198b67ff1d6ef9182db

    Score
    1/10
