blankgrabber | 1e146b5a97553eeb78af93acfbc72318de81eb7b6e9ef564b9768aee97c09d94 | Triage

Submit
Reports

Overview

overview

Static

static

Mooner_executor.exe

windows10-2004-x64

8

Resubmissions

28-04-2024 22:08

240428-119qyaac95 10

28-04-2024 22:03

240428-1ymtdsac37 10

Sharing

General

Target

Mooner_executor.exe
Size

6.7MB
Sample

240428-119qyaac95
MD5

3930b84ea1c2ebdd81060263328383b6
SHA1

4aeda40b67995031d1324e5b75846ce887c4fd4d
SHA256

1e146b5a97553eeb78af93acfbc72318de81eb7b6e9ef564b9768aee97c09d94
SHA512

d80d380fcb37ebd913ff98e78d2ab995c80c93d5baa15fe2e326313b5ae47ab3fdc2cf2e344cb8475fe490b660a3f0c88be2d15034c6dc9d20640816c3020354
SSDEEP

196608:+r2fumWiOjmFwDRxtYSHdK34kdai7bN3m5SE+WE6:I9K2pM9B3QQ87

Score

10^/10

blankgrabber spyware stealer upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Mooner_executor.exe

Resource

win10v2004-20240426-en

spyware stealer upx

windows10-2004-x64

18 signatures

1800 seconds

Malware Config

Targets

- Target
  
  Mooner_executor.exe
- Size
  
  6.7MB
- MD5
  
  3930b84ea1c2ebdd81060263328383b6
- SHA1
  
  4aeda40b67995031d1324e5b75846ce887c4fd4d
- SHA256
  
  1e146b5a97553eeb78af93acfbc72318de81eb7b6e9ef564b9768aee97c09d94
- SHA512
  
  d80d380fcb37ebd913ff98e78d2ab995c80c93d5baa15fe2e326313b5ae47ab3fdc2cf2e344cb8475fe490b660a3f0c88be2d15034c6dc9d20640816c3020354
- SSDEEP
  
  196608:+r2fumWiOjmFwDRxtYSHdK34kdai7bN3m5SE+WE6:I9K2pM9B3QQ87
Score

8^/10

spyware stealer upx
- Drops file in Drivers directory
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

Query Registry

Peripheral Device Discovery

Process Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Web Service

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

spywarestealerupx

© 2018-2024

Terms | Privacy