Overview
overview
8Static
static
8New WinRAR...ve.zip
windows7-x64
1Blank-Grab...11.pyc
windows7-x64
3Blank-Grab...).tmpl
windows7-x64
3Blank-Grab...t.tmpl
windows7-x64
3Blank-Grab...TALLER
windows7-x64
1Blank-Grab...SE.txt
windows7-x64
1Blank-Grab....typed
windows7-x64
3Blank-Grab...TALLER
windows7-x64
1Blank-Grab...SE.txt
windows7-x64
1Blank-Grab...TADATA
windows7-x64
1Blank-Grab...RECORD
windows7-x64
1Blank-Grab.../WHEEL
windows7-x64
1Blank-Grab...ts.txt
windows7-x64
1Blank-Grab...or.txt
windows7-x64
1Blank-Grab...e.spec
windows7-x64
3Blank-Grab...tivate
windows7-x64
1Blank-Grab...nk.aes
windows7-x64
3Blank-Grab...00.toc
windows7-x64
3Blank-Grab...00.toc
windows7-x64
3Blank-Grab...00.toc
windows7-x64
3Blank-Grab...00.pyz
windows7-x64
3Blank-Grab...00.toc
windows7-x64
3Blank-Grab...ry.zip
windows7-x64
1Blank-Grab...s/cert
windows7-x64
1Blank-Grab...g.json
windows7-x64
3Blank-Grab...eg.key
windows7-x64
3Blank-Grab...ts.txt
windows7-x64
1Blank-Grab...on.txt
windows7-x64
1Blank-Grab...nv.cfg
windows7-x64
3Blank-Grab...ICENSE
windows7-x64
1Blank-Grab...DME.md
windows7-x64
3Blank-Grab...log.md
windows7-x64
3Analysis
-
max time kernel
118s -
max time network
126s -
platform
windows7_x64 -
resource
win7-20240220-en -
resource tags
arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system -
submitted
22-05-2024 22:18
Behavioral task
behavioral1
Sample
New WinRAR ZIP archive.zip
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
Blank-Grabber-main/Blank Grabber/env/Lib/site-packages/PyInstaller/building/__pycache__/__init__.cpython-311.pyc
Resource
win7-20240508-en
Behavioral task
behavioral3
Sample
Blank-Grabber-main/Blank Grabber/env/Lib/site-packages/setuptools/script (dev).tmpl
Resource
win7-20240508-en
Behavioral task
behavioral4
Sample
Blank-Grabber-main/Blank Grabber/env/Lib/site-packages/setuptools/script.tmpl
Resource
win7-20240508-en
Behavioral task
behavioral5
Sample
Blank-Grabber-main/Blank Grabber/env/Lib/site-packages/tinyaes-1.1.0.dist-info/INSTALLER
Resource
win7-20240221-en
Behavioral task
behavioral6
Sample
Blank-Grabber-main/Blank Grabber/env/Lib/site-packages/tinyaes-1.1.0.dist-info/LICENSE.txt
Resource
win7-20240419-en
Behavioral task
behavioral7
Sample
Blank-Grabber-main/Blank Grabber/env/Lib/site-packages/urllib3/py.typed
Resource
win7-20231129-en
Behavioral task
behavioral8
Sample
Blank-Grabber-main/Blank Grabber/env/Lib/site-packages/wheel-0.43.0.dist-info/INSTALLER
Resource
win7-20240508-en
Behavioral task
behavioral9
Sample
Blank-Grabber-main/Blank Grabber/env/Lib/site-packages/wheel-0.43.0.dist-info/LICENSE.txt
Resource
win7-20240220-en
Behavioral task
behavioral10
Sample
Blank-Grabber-main/Blank Grabber/env/Lib/site-packages/wheel-0.43.0.dist-info/METADATA
Resource
win7-20240215-en
Behavioral task
behavioral11
Sample
Blank-Grabber-main/Blank Grabber/env/Lib/site-packages/wheel-0.43.0.dist-info/RECORD
Resource
win7-20240221-en
Behavioral task
behavioral12
Sample
Blank-Grabber-main/Blank Grabber/env/Lib/site-packages/wheel-0.43.0.dist-info/WHEEL
Resource
win7-20240221-en
Behavioral task
behavioral13
Sample
Blank-Grabber-main/Blank Grabber/env/Lib/site-packages/wheel-0.43.0.dist-info/entry_points.txt
Resource
win7-20240221-en
Behavioral task
behavioral14
Sample
Blank-Grabber-main/Blank Grabber/env/Lib/site-packages/wheel/vendored/vendor.txt
Resource
win7-20240508-en
Behavioral task
behavioral15
Sample
Blank-Grabber-main/Blank Grabber/env/Scripts/Built.exe.spec
Resource
win7-20240221-en
Behavioral task
behavioral16
Sample
Blank-Grabber-main/Blank Grabber/env/Scripts/activate
Resource
win7-20240220-en
Behavioral task
behavioral17
Sample
Blank-Grabber-main/Blank Grabber/env/Scripts/blank.aes
Resource
win7-20231129-en
Behavioral task
behavioral18
Sample
Blank-Grabber-main/Blank Grabber/env/Scripts/build/Built.exe/Analysis-00.toc
Resource
win7-20240221-en
Behavioral task
behavioral19
Sample
Blank-Grabber-main/Blank Grabber/env/Scripts/build/Built.exe/EXE-00.toc
Resource
win7-20240508-en
Behavioral task
behavioral20
Sample
Blank-Grabber-main/Blank Grabber/env/Scripts/build/Built.exe/PKG-00.toc
Resource
win7-20240419-en
Behavioral task
behavioral21
Sample
Blank-Grabber-main/Blank Grabber/env/Scripts/build/Built.exe/PYZ-00.pyz
Resource
win7-20240508-en
Behavioral task
behavioral22
Sample
Blank-Grabber-main/Blank Grabber/env/Scripts/build/Built.exe/PYZ-00.toc
Resource
win7-20240221-en
Behavioral task
behavioral23
Sample
Blank-Grabber-main/Blank Grabber/env/Scripts/build/Built.exe/base_library.zip
Resource
win7-20240215-en
Behavioral task
behavioral24
Sample
Blank-Grabber-main/Blank Grabber/env/Scripts/cert
Resource
win7-20240221-en
Behavioral task
behavioral25
Sample
Blank-Grabber-main/Blank Grabber/env/Scripts/config.json
Resource
win7-20240221-en
Behavioral task
behavioral26
Sample
Blank-Grabber-main/Blank Grabber/env/Scripts/rarreg.key
Resource
win7-20240508-en
Behavioral task
behavioral27
Sample
Blank-Grabber-main/Blank Grabber/env/Scripts/requirements.txt
Resource
win7-20240508-en
Behavioral task
behavioral28
Sample
Blank-Grabber-main/Blank Grabber/env/Scripts/version.txt
Resource
win7-20240215-en
Behavioral task
behavioral29
Sample
Blank-Grabber-main/Blank Grabber/env/pyvenv.cfg
Resource
win7-20240419-en
Behavioral task
behavioral30
Sample
Blank-Grabber-main/LICENSE
Resource
win7-20231129-en
Behavioral task
behavioral31
Sample
Blank-Grabber-main/README.md
Resource
win7-20240220-en
Behavioral task
behavioral32
Sample
Blank-Grabber-main/changelog.md
Resource
win7-20240508-en
General
-
Target
Blank-Grabber-main/Blank Grabber/env/Scripts/activate
-
Size
2KB
-
MD5
7c44cc248d0428f0f2f9b3b18a5098eb
-
SHA1
739c321e829aca23a0c43a2e3b01e63c83a12168
-
SHA256
7c27cea1d4edfae0820a9e16d8515adf1b217fdb8b46a0b63f2fbfbb44224cc4
-
SHA512
23ffdbac9ad295dadeb05b1b11bf19dc0bd0e0fd903a3607bb98c74576d41259ff69147b273d9d974781593440c0aac15497957a6206b6e83c31fb1df3d9a483
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 12 IoCs
description pid Process procid_target PID 2100 wrote to memory of 2948 2100 cmd.exe 29 PID 2100 wrote to memory of 2948 2100 cmd.exe 29 PID 2100 wrote to memory of 2948 2100 cmd.exe 29 PID 2948 wrote to memory of 2704 2948 cmd.exe 30 PID 2948 wrote to memory of 2704 2948 cmd.exe 30 PID 2948 wrote to memory of 2704 2948 cmd.exe 30 PID 2100 wrote to memory of 1880 2100 cmd.exe 31 PID 2100 wrote to memory of 1880 2100 cmd.exe 31 PID 2100 wrote to memory of 1880 2100 cmd.exe 31 PID 2100 wrote to memory of 2368 2100 cmd.exe 32 PID 2100 wrote to memory of 2368 2100 cmd.exe 32 PID 2100 wrote to memory of 2368 2100 cmd.exe 32
Processes
-
C:\Windows\system32\cmd.execmd /c "C:\Users\Admin\AppData\Local\Temp\Blank-Grabber-main\Blank Grabber\env\Scripts\activate"1⤵
- Suspicious use of WriteProcessMemory
PID:2100 -
C:\Windows\system32\cmd.exeC:\Windows\system32\cmd.exe /c "C:\Windows\System32\chcp.com"2⤵
- Suspicious use of WriteProcessMemory
PID:2948 -
C:\Windows\System32\chcp.comC:\Windows\System32\chcp.com3⤵PID:2704
-
-
-
C:\Windows\System32\chcp.com"C:\Windows\System32\chcp.com" 650012⤵PID:1880
-
-
C:\Windows\System32\chcp.com"C:\Windows\System32\chcp.com" 4372⤵PID:2368
-