blankgrabber | d12f7b117b1f937c91150937ab33dddc2980dbdb32ad758d00123b20481bfbe5 | Triage

Submit
Reports

Overview

overview

Static

static

cs2.v1.exe

windows10-2004-x64

7

�S�ȹ��.pyc

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

cs2.v1.exe
Size

7.3MB
Sample

240228-z12vnaea2v
MD5

1be3f9febd39c85e51970c325eecec10
SHA1

01ebb388022d58606cf8d889474d1d522f2acf55
SHA256

d12f7b117b1f937c91150937ab33dddc2980dbdb32ad758d00123b20481bfbe5
SHA512

9a6769946b1b4c07c71b90754029d15098731d3bea1d452148428f7eb915dbaab7a6e4795529426bbf382687b0613be2ea7da528b18c9eb3487fb2019fa97d7e
SSDEEP

196608:FvYS6COshoKMuIkhVastRL5Di3uv1D7+:9YSNOshouIkPftRL54KR+

Score

10^/10

blankgrabber spyware stealer upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

cs2.v1.exe

Resource

win10v2004-20240226-de

spyware stealer upx

windows10-2004-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

�S�ȹ��.pyc

Resource

win10v2004-20240226-de

windows10-2004-x64

0 signatures

150 seconds

Malware Config

Targets

- Target
  
  cs2.v1.exe
- Size
  
  7.3MB
- MD5
  
  1be3f9febd39c85e51970c325eecec10
- SHA1
  
  01ebb388022d58606cf8d889474d1d522f2acf55
- SHA256
  
  d12f7b117b1f937c91150937ab33dddc2980dbdb32ad758d00123b20481bfbe5
- SHA512
  
  9a6769946b1b4c07c71b90754029d15098731d3bea1d452148428f7eb915dbaab7a6e4795529426bbf382687b0613be2ea7da528b18c9eb3487fb2019fa97d7e
- SSDEEP
  
  196608:FvYS6COshoKMuIkhVastRL5Di3uv1D7+:9YSNOshouIkPftRL54KR+
Score

7^/10

spyware stealer upx
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1
- Target
  
  �S�ȹ��.pyc
- Size
  
  1KB
- MD5
  
  6c44de13fceae975711a8b9f259dc241
- SHA1
  
  82e508cd3042b8020f90dde50c3c96269343c6a4
- SHA256
  
  7e471b30dbc4c8b310c33746982862c921c6aee8cdd1c45b10b8b3b89099c564
- SHA512
  
  c764f19c70f7b560d5f36e5e7fb3a3c37f29bf0511da33048c8a9a7518671a25e041aab526618b3803f2787f8f43dbc14458b56f257920fb14dcf3c84edc71af
Score

1^/10
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Process Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

spywarestealerupx

behavioral2

© 2018-2025

Terms | Privacy