Overview

overview

8

Static

static

8

Blank-Grab...er.bat

windows7-x64

1

Blank-Grab...er.bat

windows10-2004-x64

1

Blank-Grab...OBF.py

windows7-x64

3

Blank-Grab...OBF.py

windows10-2004-x64

3

Blank-Grab...der.py

windows7-x64

3

Blank-Grab...der.py

windows10-2004-x64

3

Blank-Grab...ess.py

windows7-x64

3

Blank-Grab...ess.py

windows10-2004-x64

3

Blank-Grab...ess.py

windows7-x64

3

Blank-Grab...ess.py

windows10-2004-x64

3

Blank-Grab...ar.exe

windows7-x64

3

Blank-Grab...ar.exe

windows10-2004-x64

3

Blank-Grab...un.bat

windows7-x64

1

Blank-Grab...un.bat

windows10-2004-x64

1

Blank-Grab...tub.py

windows7-x64

3

Blank-Grab...tub.py

windows10-2004-x64

3

Blank-Grab...px.exe

windows7-x64

7

Blank-Grab...px.exe

windows10-2004-x64

7

Blank-Grab...tes.py

windows7-x64

3

Blank-Grab...tes.py

windows10-2004-x64

3

Blank-Grab...gui.py

windows7-x64

3

Blank-Grab...gui.py

windows10-2004-x64

3

Analysis

  • max time kernel
    614s
  • max time network
    1176s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-de
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-delocale:de-deos:windows10-2004-x64systemwindows
  • submitted
    06-03-2024 14:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Blank-Grabber-main/Blank Grabber/Components/run.bat

  • Size

    1KB

  • MD5

    5beaf38a2e57c2813f6b19b3fb08aca3

  • SHA1

    424b0ae28d3ea1e067e8c29d45f1f84040eaa7ec

  • SHA256

    ceade703cb46e78226dc0331ea37f3ed9f681b5969b56ddd15ca5a39e8c067d3

  • SHA512

    7265b1a73f2d4841b62aec2f1eeb14114051f5b09fa47049ebb0a39ae220bdf35e747c98467aa56be8fc90aa7102888ce215edc88a52212b26ee915fdbe2d486

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /c "C:\Users\Admin\AppData\Local\Temp\Blank-Grabber-main\Blank Grabber\Components\run.bat"
    1⤵
      PID:3032
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
      1⤵
        PID:1592
      • C:\Windows\System32\svchost.exe
        C:\Windows\System32\svchost.exe -k UnistackSvcGroup
        1⤵
        • Suspicious use of AdjustPrivilegeToken
        PID:3444

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Users\Admin\AppData\Local\Comms\UnistoreDB\store.jfm
        Filesize

        16KB

        MD5

        89ce837b2fa849ceaa35c66298b00e85

        SHA1

        60e82051d5d6181ec5c97923d3b345c8c3910c85

        SHA256

        52716ae0a5b78781c62c0f8427af463a10046c079a5ff11907919499612f997e

        SHA512

        40fe4666d1e4b9e3522163c87519fd47ecf5fc744943d79776600485d93dc7476d3085e2bc142c211f4134fb98ac2a8ab40518f130a16b155bc291c14d892704

        Download Submit

      • memory/3444-49-0x000001442B1C0000-0x000001442B1C1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3444-38-0x000001442B5A0000-0x000001442B5A1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3444-33-0x000001442B5A0000-0x000001442B5A1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3444-52-0x000001442B100000-0x000001442B101000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3444-35-0x000001442B5A0000-0x000001442B5A1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3444-36-0x000001442B5A0000-0x000001442B5A1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3444-37-0x000001442B5A0000-0x000001442B5A1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3444-16-0x0000014422F90000-0x0000014422FA0000-memory.dmp

        Filesize

        64KB

        Download

      • memory/3444-39-0x000001442B5A0000-0x000001442B5A1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3444-40-0x000001442B5A0000-0x000001442B5A1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3444-41-0x000001442B5A0000-0x000001442B5A1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3444-42-0x000001442B5A0000-0x000001442B5A1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3444-43-0x000001442B1D0000-0x000001442B1D1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3444-64-0x000001442B300000-0x000001442B301000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3444-46-0x000001442B1D0000-0x000001442B1D1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3444-0-0x0000014422E90000-0x0000014422EA0000-memory.dmp

        Filesize

        64KB

        Download

      • memory/3444-34-0x000001442B5A0000-0x000001442B5A1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3444-32-0x000001442B580000-0x000001442B581000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3444-44-0x000001442B1C0000-0x000001442B1C1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3444-66-0x000001442B310000-0x000001442B311000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3444-67-0x000001442B310000-0x000001442B311000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3444-68-0x000001442B420000-0x000001442B421000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3444-69-0x000001442B320000-0x000001442B321000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3444-70-0x000001442B320000-0x000001442B321000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3444-71-0x000001442B320000-0x000001442B321000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3444-72-0x000001442B320000-0x000001442B321000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3444-73-0x000001442B320000-0x000001442B321000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3444-74-0x000001442B320000-0x000001442B321000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3444-75-0x000001442B320000-0x000001442B321000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3444-76-0x000001442B320000-0x000001442B321000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3444-77-0x000001442B320000-0x000001442B321000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3444-78-0x000001442B320000-0x000001442B321000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3444-79-0x000001442B320000-0x000001442B321000-memory.dmp

        Filesize

        4KB

        Download