General

  • Target

    BloxFlip-Predicator-V2--main.zip

  • Size

    16.6MB

  • Sample

    240528-ctjn6scd49

  • MD5

    cb91aa32ac4759e2938be11e499ebf84

  • SHA1

    e7990510407f1bcec64dbeab10c892f09f11fa4d

  • SHA256

    44b41286baf971b6fbb30ccbf30532065de8630233ce66991b287d7d82871b2b

  • SHA512

    2b20cb253429eb74b3588cd54283b49556a378fc8ad13956fce36dde39cc077c9bccb1c1cbdf74e3693a707e2c32952ffb97ceb14b53cfe7564f9e50ed4eefdb

  • SSDEEP

    393216:49/7mvTK6f4Cz5pS62+a2Y1EPgLSLR/Sy//grpiFP7:6yvTKap5UNaBSWYrYp7

Malware Config

Targets

    • Target

      BloxFlip-Predicator-V2--main.zip

    • Size

      16.6MB

    • MD5

      cb91aa32ac4759e2938be11e499ebf84

    • SHA1

      e7990510407f1bcec64dbeab10c892f09f11fa4d

    • SHA256

      44b41286baf971b6fbb30ccbf30532065de8630233ce66991b287d7d82871b2b

    • SHA512

      2b20cb253429eb74b3588cd54283b49556a378fc8ad13956fce36dde39cc077c9bccb1c1cbdf74e3693a707e2c32952ffb97ceb14b53cfe7564f9e50ed4eefdb

    • SSDEEP

      393216:49/7mvTK6f4Cz5pS62+a2Y1EPgLSLR/Sy//grpiFP7:6yvTKap5UNaBSWYrYp7

    Score
    1/10

    • Target

      BloxFlip-Predicator-V2--main/BloxFlip Predicator.exe

    • Size

      16.7MB

    • MD5

      adad1f90ebff8df5b12b81d9a2c4a6ab

    • SHA1

      787491f2b69dd9b9f5a70fedf5227b6f3c317450

    • SHA256

      84bb145d901c473b39f6d3affaf2c4791abb8431efdae9330ca80c03acb15dfa

    • SHA512

      eb05a90cd19fd94acc5714c3915a405e5bd009a14d75ac65a3ef1d5924a5a6a3c65c6bf96d15ad67c4c25e86c93ebb35920c837525bee6c6bb7ac1a596475604

    • SSDEEP

      393216:sHNkxjYSx8uP8/m3pDeEG2QJ+v8rRXJuzeJbwjmk:gixjYzKDGvJuyJbwjz

    Score
    7/10

    • Drops startup file

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and session tokens.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified build of it.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Target

      BloxFlip.pyc

    • Size

      43KB

    • MD5

      5e739b16270d51970f69aa1fb6cbeb5a

    • SHA1

      a2bd18e275f05f3922c709e3b1a76f9b3a7c5fb1

    • SHA256

      ab2344456538b37c1533f8b248f20018986b3d256a1cdfcf4387138bb1336c04

    • SHA512

      814ba7a00f53fb9482f8d73d7800c732c1562c8c0196eca1c384421b39207075aaa00d3c999be4a126774a9490c329cb1a70bf92f129969fc04b26ddcf9e8561

    • SSDEEP

      768:fI9I7ewk6QQjWL0Deakv1DBpy1WFdyw7LYNVgqcFPDPNTHAFrTGjEaG3Z+nZZTA:g9GBj6ug1W1kywXIuPahTGjEaGp+n0

    Score
    3/10

    • Target

      BloxFlip-Predicator-V2--main/README.md

    • Size

      708B

    • MD5

      42e478f4b51558f29b5cd43bcb25c971

    • SHA1

      3697fdb5c34457cdfed5080f83b06130ca808e2c

    • SHA256

      e7d4b5e75576dacf7e4e20d25e9cd5c4d3a7c0dd73cd2555c1fb40c57904c5d5

    • SHA512

      0f11e034791c535d2024819341c9829549e2fadcdecabe0b920da8a6b53e55ac39c77b5016d63c83f5eda5bce66488ebe929c7d8bdcec74119735289ab9754d3

    Score
    3/10

MITRE ATT&CK Enterprise v15

Tasks