General

  • Target

    Do not download beaming tool thats a rat.exe

  • Size

    6.0MB

  • MD5

    003376f4e42b17685b481aa1fefdad2f

  • SHA1

    083da7920a306f61267f9c9bfc6fec775f54c1bd

  • SHA256

    49e5e80f7c823694fa86addf84783ec0b4303df3edcf3fbc51bda19bebc38e42

  • SHA512

    3b5c3b1ed81f75a2bb4ddef3c1f7f7e95e824e284f2532ff99848187a6bdf829f4103d9b7df5c3c6e595562f4c1fe3656cf1ede3ce1f85ec65ca407915a8f166

  • SSDEEP

    98304:jrAkEtdFBCKZkamaHl3Ne4i3gmtfXJOLhx9fZAzDJ4wzQgsRuGK4RtOuAKju4Cyg:jrAzFIKreN/FJMIDJf0gsAGK4RouAKjQ

Score
10/10

Malware Config

Signatures

  • A stealer written in Python and packaged with Pyinstaller (1 IoC)
  • Blankgrabber family

Files

  • Do not download beaming tool thats a rat.exe
    .exe windows:5 windows x64 arch:x64

    f4f2e2b03fe5666a721620fcea3aea9b



  • 84!%.pyc