Overview
overview: 10
static: 10
Grabbers-D...obf.py (windows11-21h2-x64): 8
Grabbers-D...ben.py (windows11-21h2-x64): 3
Grabbers-D...ank.py (windows11-21h2-x64): 3
Grabbers-D...ean.py (windows11-21h2-x64): 3
Grabbers-D...una.py (windows11-21h2-x64): 3
Grabbers-D...obf.py (windows11-21h2-x64): 3
Grabbers-D...her.py (windows11-21h2-x64): 3
Grabbers-D...er.jar (windows11-21h2-x64): 7
Grabbers-D...pycdas (windows11-21h2-x64): 1
Grabbers-D...as.exe (windows11-21h2-x64): 1
Grabbers-D.../pycdc (windows11-21h2-x64): 1
Grabbers-D...dc.exe (windows11-21h2-x64): 1
Grabbers-D...in/upx (windows11-21h2-x64): 7
Grabbers-D...px.exe (windows11-21h2-x64): 7
Grabbers-D...fig.py (windows11-21h2-x64): 3
Grabbers-D...ile.py (windows11-21h2-x64): 3
Grabbers-D...ion.py (windows11-21h2-x64): 3
Grabbers-D...lay.py (windows11-21h2-x64): 3
Grabbers-D...oad.py (windows11-21h2-x64): 3
Grabbers-D...t__.py (windows11-21h2-x64): 3
Grabbers-D...aes.py (windows11-21h2-x64): 3
Grabbers-D...der.py (windows11-21h2-x64): 3
Grabbers-D...til.py (windows11-21h2-x64): 3
Grabbers-D...tor.py (windows11-21h2-x64): 3
Grabbers-D...rng.py (windows11-21h2-x64): 3
Grabbers-D...ler.py (windows11-21h2-x64): 3
Grabbers-D...ons.py (windows11-21h2-x64): 3
Grabbers-D...ram.py (windows11-21h2-x64): 3
Grabbers-D...mer.py (windows11-21h2-x64): 3
Zyron.exe (windows11-21h2-x64): 10
General
-
Target
Grabbers-Deobfuscator-main.zip
-
Size
13.3MB
-
Sample
240531-wnsjnsgh28
-
MD5
6f94633479de9682983cb90551915054
-
SHA1
2db29d4a3bcdd9adfca22cd9faaf1e8e5437a2fc
-
SHA256
acaf7a1d32d6bd9e1f34ff6e707710810cc17b0f25c9ec7c329cfdc8ddfc1ed1
-
SHA512
3db840c386947cdb9e9e1b7444a436faed29f365ef2c4ce94b5bcc687e02b887887509e9b465da1d5158da4879b9d13797605da0c3da8bd185adcd72393a91ab
-
SSDEEP
393216:CyD5IgIu+U0gRhK4adCsAvKmyRPYxaFB64kSTmVVg1V/g6AE:CS5IlXgR4GoYxa7MVe1K6AE
Behavioral task
behavioral1
Sample
Grabbers-Deobfuscator-main/deobf.py
Resource
win11-20240508-en
Behavioral task
behavioral2
Sample
Grabbers-Deobfuscator-main/methods/ben.py
Resource
win11-20240508-en
Behavioral task
behavioral3
Sample
Grabbers-Deobfuscator-main/methods/blank.py
Resource
win11-20240426-en
Behavioral task
behavioral4
Sample
Grabbers-Deobfuscator-main/methods/empyrean.py
Resource
win11-20240508-en
Behavioral task
behavioral5
Sample
Grabbers-Deobfuscator-main/methods/luna.py
Resource
win11-20240426-en
Behavioral task
behavioral6
Sample
Grabbers-Deobfuscator-main/methods/notobf.py
Resource
win11-20240426-en
Behavioral task
behavioral7
Sample
Grabbers-Deobfuscator-main/methods/other.py
Resource
win11-20240426-en
Behavioral task
behavioral8
Sample
Grabbers-Deobfuscator-main/utils/bin/fernflower.jar
Resource
win11-20240419-en
Behavioral task
behavioral9
Sample
Grabbers-Deobfuscator-main/utils/bin/pycdas
Resource
win11-20240508-en
Behavioral task
behavioral10
Sample
Grabbers-Deobfuscator-main/utils/bin/pycdas.exe
Resource
win11-20240508-en
Behavioral task
behavioral11
Sample
Grabbers-Deobfuscator-main/utils/bin/pycdc
Resource
win11-20240426-en
Behavioral task
behavioral12
Sample
Grabbers-Deobfuscator-main/utils/bin/pycdc.exe
Resource
win11-20240508-en
Behavioral task
behavioral13
Sample
Grabbers-Deobfuscator-main/utils/bin/upx
Resource
win11-20240426-en
Behavioral task
behavioral14
Sample
Grabbers-Deobfuscator-main/utils/bin/upx.exe
Resource
win11-20240426-en
Behavioral task
behavioral15
Sample
Grabbers-Deobfuscator-main/utils/config.py
Resource
win11-20240508-en
Behavioral task
behavioral16
Sample
Grabbers-Deobfuscator-main/utils/decompile.py
Resource
win11-20240426-en
Behavioral task
behavioral17
Sample
Grabbers-Deobfuscator-main/utils/deobfuscation.py
Resource
win11-20240426-en
Behavioral task
behavioral18
Sample
Grabbers-Deobfuscator-main/utils/display.py
Resource
win11-20240508-en
Behavioral task
behavioral19
Sample
Grabbers-Deobfuscator-main/utils/download.py
Resource
win11-20240426-en
Behavioral task
behavioral20
Sample
Grabbers-Deobfuscator-main/utils/pyaes/__init__.py
Resource
win11-20240419-en
Behavioral task
behavioral21
Sample
Grabbers-Deobfuscator-main/utils/pyaes/aes.py
Resource
win11-20240508-en
Behavioral task
behavioral22
Sample
Grabbers-Deobfuscator-main/utils/pyaes/blockfeeder.py
Resource
win11-20240508-en
Behavioral task
behavioral23
Sample
Grabbers-Deobfuscator-main/utils/pyaes/util.py
Resource
win11-20240426-en
Behavioral task
behavioral24
Sample
Grabbers-Deobfuscator-main/utils/pyinstaller/extractors/pyinstxtractor.py
Resource
win11-20240426-en
Behavioral task
behavioral25
Sample
Grabbers-Deobfuscator-main/utils/pyinstaller/extractors/pyinstxtractorng.py
Resource
win11-20240426-en
Behavioral task
behavioral26
Sample
Grabbers-Deobfuscator-main/utils/pyinstaller/pyinstaller.py
Resource
win11-20240508-en
Behavioral task
behavioral27
Sample
Grabbers-Deobfuscator-main/utils/pyinstaller/pyinstallerExceptions.py
Resource
win11-20240426-en
Behavioral task
behavioral28
Sample
Grabbers-Deobfuscator-main/utils/telegram.py
Resource
win11-20240508-en
Behavioral task
behavioral29
Sample
Grabbers-Deobfuscator-main/utils/webhookspammer.py
Resource
win11-20240426-en
Malware Config
Targets
-
-
Target
Grabbers-Deobfuscator-main/deobf.py
-
Size
6KB
-
MD5
6b4b50783ef2c9d21751cd38bd9b3bf0
-
SHA1
e400e78d11663a368d9852ccf4f1fcfda3296f17
-
SHA256
46614ff3690379626ab3109954d753d98fd750e4fd1d785172c1a82276ad5f85
-
SHA512
8d00d3a31534a30b588ca932b89b24d64ec8e6c5d853f6f3dfc3dc39634c507b24411cd870aaf96d2b403f12f72508af587b38560f5745f1f913ca3aefd264e3
-
SSDEEP
96:MbzxTlCdC+JU8H7s6pd9rng/mpVt/NSMA8RixUb8RisEP5fAoKqRqhp9:MhZ8bvBgmpHTrBsRqRip9
Score 8/10
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Registers COM server for autorun
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
-
-
Target
Grabbers-Deobfuscator-main/methods/ben.py
-
Size
647B
-
MD5
04915dc08e2aa81160cf532b7d3f940b
-
SHA1
95c0f9a41b48028e8c1f6a10de6805b6829cadcc
-
SHA256
c28e4ff38d046e64af3d89d8db3eba4823b09b8223208929afae31d8c68dd6ae
-
SHA512
94ec68fe8b2365443aedcea869d6f059b48b53acd919eca58d1fe5933914112444eb2571adf3bfb1d3f5899d341ea5a7b60531b1c94fc6eef21ac4712e1a1e96
Score 3/10
-
-
Target
Grabbers-Deobfuscator-main/methods/blank.py
-
Size
2KB
-
MD5
a9eec0c273d5c9add43b72745c3bc715
-
SHA1
0345bf98fdd5282491936d7bcb77e8de890d373d
-
SHA256
e831ea73ec311352b6ef5a0de295771b2dd84147a450d64f40dcf620fa9386e8
-
SHA512
3ea5ab3c836eea288e501c09923650ac22b9f8750d674eb6957b52472181f393c5a74eb6ba33fb90aae2f0272fd6a346d68f6904a1c86208605624b2383d91eb
Score 3/10
-
-
Target
Grabbers-Deobfuscator-main/methods/empyrean.py
-
Size
969B
-
MD5
68c486c90545f3d750a6600fca3a9998
-
SHA1
a09f37c175a5c5a80f0ca7a802d073050666a887
-
SHA256
ea28f330301a9cbf0742c6aa3abe503d7cf773a073fa8d693b0a390754f0e1b8
-
SHA512
14dbc5067f7b84a043accba6e152a7ae62cee11e9945687522b008985b464f980619c79f7d184ee317e23bc7ab2ab36748f1abe6d9bf698d9a11d860a2ef1e2c
Score 3/10
-
-
Target
Grabbers-Deobfuscator-main/methods/luna.py
-
Size
599B
-
MD5
dabcbb5288a4cd2e6bd4502149cc47ca
-
SHA1
b904848c1566d9e129f6eda7bd5860e52e988845
-
SHA256
99ebd4549a057dc88070579456d1815d7c954cc4a200ed6fd43bff542118981f
-
SHA512
404528b996d0452738115155332746e6d60860d70e1a2c6262ae4459941c14dd809dc927c30cf520dd5f3c35d3aaad3c058dd6433a4a6ee8e99657e01a80608d
Score 3/10
-
-
Target
Grabbers-Deobfuscator-main/methods/notobf.py
-
Size
784B
-
MD5
2677e35326ef5d285a346c5785b49b85
-
SHA1
2df409f57f9768f03fdc1f86c23f3466822836ba
-
SHA256
a054a1a2c2329dfc8078ccae527dbc259396765754b0a09e88cdaff60cb89fba
-
SHA512
27c2852936c7f1ad81c51db097584effd68a910ecebda5d2e51a2dc947d5c5b650955aaeecc2d35d48083b478de6b3394f830b98e408077b997f06ed9bb0f647
Score 3/10
-
-
Target
Grabbers-Deobfuscator-main/methods/other.py
-
Size
3KB
-
MD5
3c81db58e15d886a0ac087048fd4eafb
-
SHA1
22194979825e8e97c4daa2f561ca66dfad75d9df
-
SHA256
3c0f0714975cb012aed71ae396f038f2fa2f4a289825fe5e3c009f7693f01115
-
SHA512
949b5720fef68dfc90f7cf952252e9f70fe6beab2e0087cbcb41c001c4d09c1a369a157ce8f0ea63f6eff3855b7b325b40e4ca125cc5595df8ef84705842a972
Score 3/10
-
-
Target
Grabbers-Deobfuscator-main/utils/bin/fernflower.jar
-
Size
690KB
-
MD5
be01dbc47a455dddfc724d5efe13b490
-
SHA1
0d96a3b0cb32a0e70cc563a2dcdcea5ef61d45b5
-
SHA256
74b609647d74e4ce04e9beef230a7460e74de03bf41703f961bbe704d4938b8f
-
SHA512
4ee6e1b935bc428e16103485da5440ae5b968334f023c7872247d52f1d0c000f8f49bc9101e955999c0338c88d34392f14eff2143c167675f7f5888a0be91094
-
SSDEEP
12288:lSBknFucLVNrGJASNYa5k3qIhOhsioN46D2xFGDwHyhfsYFY5D/:lUcLVNEA0N5kaVhBjGDdhkYUD
Score 7/10
-
Modifies file permissions
-
-
-
Target
Grabbers-Deobfuscator-main/utils/bin/pycdas
-
Size
2.0MB
-
MD5
d1be2de3bdbb4fdb92e082e08aca4cbe
-
SHA1
aebe16ddc04bd813a9ab207fb4c03a214cb65bff
-
SHA256
24d64b99f88ce539ababf41503c33793110eca52d90bb25d5d9f8382fb96f040
-
SHA512
708266641de9aea2f0f851c1ad94bda18502db6d3eaa2a0831a7a0ad8d9577e1401d16939a7fb1b326b49a32e42d2ecb9722ca797bfe73681a133aff47571d21
-
SSDEEP
24576:AI3vfom++IihitiE1mPslvOTJPtCcTyxoVU1g+pxtXL:AI3vgwi4E1mUlvOTHCc4oa1j
Score 1/10
-
-
Target
Grabbers-Deobfuscator-main/utils/bin/pycdas.exe
-
Size
124KB
-
MD5
c106613cf4fc594260ced59577936bfa
-
SHA1
8a16fdacd947e6a8fedebde1c1eaf2ff899c6f37
-
SHA256
52370a2d59198239421954e1cb46284218d3c8ba70a1c161d2b5ab1cc7ed4d96
-
SHA512
55d24e2babed9fc81c53ca452d720911628001a9da24b156cc2560b0b8c3461058fd90da5ca0bbfd36c6fb4f985887535aad18a4bf7d9b199b2afdb32ddd4247
-
SSDEEP
1536:PAXQ0AJO9eYJpPPuPZgkP8MqzjWdwsa8XKIilFRvrfS1l+YlDlT:41B9eYJpHuj8Mqz6dZv6IilFhYl+YD
Score 1/10
-
-
Target
Grabbers-Deobfuscator-main/utils/bin/pycdc
-
Size
2.3MB
-
MD5
dca8a4f7d9a8a1571ff7878e4b7b83fa
-
SHA1
50d05e2cdaa0acc8cb8639f893e7132c66840d0d
-
SHA256
f7dbc7f92b2660608e3f75301215148760c8d85669c3b1775a842a32cf35d9f4
-
SHA512
04cb648807051d336d1c9d31d6cb07d7c9e97ebf6cde5d282db9e4f6ce42c1e78f624e68525159995e6c173f93d80822bd2eef08d383520cb882083ee46f719f
-
SSDEEP
24576:0L6jwuRE/ASaaVzD9dfAukg1YkH0TAK+w5VT+3MpvMgiKLGvVI:0L6kKOxD9dfNkg1YNTAKx5Va8pvMgc
Score 1/10
-
-
Target
Grabbers-Deobfuscator-main/utils/bin/pycdc.exe
-
Size
248KB
-
MD5
0ad8ae7adb1223e4c02b977cfd024bb1
-
SHA1
0794e82385e836dab7e16d0f2ca28aafeb489bf6
-
SHA256
fc5a1007f29b7304e91fce22c036c3dc39134ed3b89ba76e3aaa02bc45beb76c
-
SHA512
93c3af8c13459e67e1946dff346920916ff200566706b36eb41332125fc0a9454c4175f483683a4b0e99520c294eea6b061eb48e9d31c0870ec65dbeab9b5f07
-
SSDEEP
6144:qGS8eDxDYUBqfN1l8nRRhJXbnPD+sHlc:qDfDtBqfR8RtbJH
Score 1/10
-
-
Target
Grabbers-Deobfuscator-main/utils/bin/upx
-
Size
548KB
-
MD5
59e0bfa3352db08097a9f62c51934192
-
SHA1
be017e943ab0bbf4c4e6b655b8648ff124550d44
-
SHA256
1dbdeb502fc80807af72560b0c361fd073c714fb68d429dfedf83597d36db2f3
-
SHA512
23c0303a9dd12f0066c13f122760d7495d783690207d14c288f3babbc5670d8d6c3bf1149cd07694e15eb757152ecf9ca152b193832e6427dabb0de65fd76d41
-
SSDEEP
12288:bkuvAY7aDFiQDq7+EKyxGOxadM/RxyMAYhMOPNMQNYgmiJDlxupZqS/5m:dNa5O7WjkxyMrMO3YgmG0pY/
Score 7/10
-
-
Target
Grabbers-Deobfuscator-main/utils/bin/upx.exe
-
Size
551KB
-
MD5
90391271aa0ca4d340c6c78d5426cea3
-
SHA1
c6bc571809512e5a9afd909790ec37fb6fc7bc59
-
SHA256
902e597a5eb89f345901280eb396394146b3937d4c84b880e8ee1300c901ec9b
-
SHA512
b6599cd7de6e4eb18b724670bd26f1566a52999fe2171224f330512ee8bebcd4d4e74845293f32a22ad998957655a2982b8bae183a8171e77789afce678214ae
-
SSDEEP
12288:F6sMe2eOno9jftrZ4X52zGt1wnp5/euBAKPLdmDoDnavsu+Xoi5ZW6q:Msie6STtFC8G1wfZBAaLdVavsfXoa
Score 7/10
-
-
Target
Grabbers-Deobfuscator-main/utils/config.py
-
Size
835B
-
MD5
96f8034a7e38860d79c01d7933ee1a87
-
SHA1
bcaf6f3a8ad007fb11d579e02ffec38e80e364b9
-
SHA256
ca78c3213eaa61d1a1773428b47ebc753831a61c946356d3ce3b0f3ab02721bd
-
SHA512
f766869cc75ac6a05c22ec601018af51f93b07b1e82f99e67c7623fe648ad900c539f7204d50a0a815c482657d052d08bb9235a73d71b72a46a39ed0cc2450f0
Score 3/10
-
-
Target
Grabbers-Deobfuscator-main/utils/decompile.py
-
Size
1KB
-
MD5
b1b5f2eb1a2392805b196ce35e178e5a
-
SHA1
310826373be640f736aa807ee040758cb5a4d40c
-
SHA256
f198bbeb7807aae1db733ba5ba3b8bc9503843fafba755faf3685b65f9984944
-
SHA512
4079441e0458c267821af5047532a11f86fc86d26d0d965067ac2a0860ce2f86cce8a37d38c53f4cb39370dd4a6e8f90a3313826751e13794f39406f9d63c039
Score 3/10
-
-
Target
Grabbers-Deobfuscator-main/utils/deobfuscation.py
-
Size
2KB
-
MD5
1c8aa7595dfdeb287c7dd57e7a67b71a
-
SHA1
f724297b4405e425bbe0888a6ebf3be3b99ded70
-
SHA256
74db49437d60d5cbb6299c02c42bb496dd65a2b3f0b9fc51c2cebb54d9177ccb
-
SHA512
8f23e1bb13654f8588b6d3700ef469ea141d4a4abaa76005e941ee1c8dbc75425c7e6880248964b88f3c94d4714f62cf623ca01869d03fcec52b78f3b4ddb67a
Score 3/10
-
-
Target
Grabbers-Deobfuscator-main/utils/display.py
-
Size
857B
-
MD5
395770ff948cf733940f3efc9fbd4c49
-
SHA1
8abf4551b1775e646bebc39df3ea928af317b590
-
SHA256
65acca473c564fba4227c60542b2e68f7e2959159b3a1a49297924ad85819b26
-
SHA512
bf4d6609bce08df6d90c80d3c173d12b09dabc424dd89bbbf464a6e7b3f2737e762711f80fe83e94342bea79e8cdce72379fc704c32b9e45830258904a4fc304
Score 3/10
-
-
Target
Grabbers-Deobfuscator-main/utils/download.py
-
Size
1KB
-
MD5
76119a3eaa53cde358a1b959a59ba9de
-
SHA1
831383cd63e871bdfa3dccd83b83847087c0868b
-
SHA256
7e89b18361246e2f94c1e396408ca1ff52d9084249aa99c7f87f4fb7420ca9bc
-
SHA512
8ab88759bcf611c7f2797997dfb0f3da3793d591d63122a2f069eea82f677b3f4fefa2e3ae2088cf1e30f80007d9d859f4a73b43c3cbf8a62552c2b251090821
Score 3/10
-
-
Target
Grabbers-Deobfuscator-main/utils/pyaes/__init__.py
-
Size
2KB
-
MD5
cb72cd7c418b4b68f8df730511d533a5
-
SHA1
1a957bc18ca931ae21decb28737d261e8fb21ebd
-
SHA256
9611b462af27328c438e30fafd41e5495d1d2068ad2f7695c77e036129aa4ce7
-
SHA512
dba71841bd8f979193a76cfee3793fa5b136613dfdcc9ca6fe8dd34d3958464746ba420547a5a1df226e43255d83490817a4a95cb2650bf934acf1d104ff60c7
Score 3/10
-
-
Target
Grabbers-Deobfuscator-main/utils/pyaes/aes.py
-
Size
59KB
-
MD5
37807d25dc68ee66ca7afdc9415d02be
-
SHA1
0d927d80e6701a034eca2618d5871292fdee5c89
-
SHA256
c5bb1897d2a63f726f7b89c584fc7aa0a914445e889d274c8c0b5e2b6630f2bc
-
SHA512
0a820d2a5ad7c39ccb77e41a9b6be23140010bae72fdc35f5d6b2fa8a5a3d7ad7acb0630a351f4d54f7d3d4344a538650c6e8ba89db5fec2b9f4b0de4f911e52
-
SSDEEP
1536:4hcZZK94DPuI8Ltsq6LzSJ8Ns56/QFWR3Gz/1P:ecZZK9yPuI8+2JYd/Qj
Score 3/10
-
-
Target
Grabbers-Deobfuscator-main/utils/pyaes/blockfeeder.py
-
Size
7KB
-
MD5
f527c7e232efe70605eacfcf187a1abe
-
SHA1
04f8d66117f41d63ac53173659a5ceae32e88541
-
SHA256
34c550f66d284b4c2866f17130d646bf6c3fc2bf2806203268865782e12e0e44
-
SHA512
81d33f8de1c4d67b909a088ebe29bf9310d1b00b93277ea46e9af6b297e95686ba973c8d416436c74dbf1a8a11c6fedfc354c217203e5cc8ce5d36c96f0b409c
-
SSDEEP
192:dQHWSmmjOeBQb2++79AAv5ln5hfLmL2DdzAfnrE7g8:djSmm1QbH+79Haq0frE08
Score 3/10
-
-
Target
Grabbers-Deobfuscator-main/utils/pyaes/util.py
-
Size
2KB
-
MD5
a6af659a56f78294f5f663b38bd150ab
-
SHA1
4cc6c17a12ba13dc1bb1ec3dcf70ef21dfae269e
-
SHA256
b632d6ad0990972eb0969ec1551e8d302baf241476864f86112e40353f02c52f
-
SHA512
8b881c16e150b350e8caeb6f0f15656c943fd24ae05c9422dafe2d2c36f40e48be8f55c46f7dd6d7735acc4f80de61716e69ed5c47f0dea63c6d224c23d3a986
Score 3/10
-
-
Target
Grabbers-Deobfuscator-main/utils/pyinstaller/extractors/pyinstxtractor.py
-
Size
16KB
-
MD5
1c921977023de5c687a4bc7e649bb8a5
-
SHA1
e4d287135531648f8f299cd8fe33358c0049d949
-
SHA256
964098032616c2927eb1214b08c8c065a947fc44d345de47e27a652ba61a3427
-
SHA512
cf98e79cf769153fcae513fc549ce8e771f590c483397cb968694465a49bcb4ed75459708dbc3c18bdaf4a302040ae3aef24de31bdd7be881cc5b64e7bb54531
-
SSDEEP
192:igOmCh5qHR93qLp0N2Vf4bun7juQYMGq9cZXBknkevPSQ541jBFW2lKHh8rzxP:igIjqxELpDVf4bunotQ541nW2KMzR
Score 3/10
-
-
Target
Grabbers-Deobfuscator-main/utils/pyinstaller/extractors/pyinstxtractorng.py
-
Size
16KB
-
MD5
622d98c5ddb8336a860b48d1180abd7c
-
SHA1
dbec45596ebc6febd70b9ffaf19583ef9e4c66f7
-
SHA256
dbf0d95d496a49583b54ca76dd45062db8aadee34f196582d6ef25a886eea3d4
-
SHA512
6549be215fa4395e31115c55592f17e16006610a503ca0b44087daf57c88267c8f56662136f8a3b0a8523e1e118d5f8e0e92164bec5d21b11e92dab08bc87322
-
SSDEEP
192:cgOsMnz+lVnGQbq7n6bXuQYOA8KDX5GIoCwvPjUsnx1jq1iLlK3QGixBp2WP:cg1Mn4VGQbqWomUEjq12KgxGo
Score 3/10
-
-
Target
Grabbers-Deobfuscator-main/utils/pyinstaller/pyinstaller.py
-
Size
901B
-
MD5
97b8f67fc716e9578ab24fbf58474905
-
SHA1
980462b702b120233a15d385155d8f8d2e967c95
-
SHA256
ae66de3c2819e729de248b028e62ab0f9ed5bf0466b683c51b94f55c1d74fd4f
-
SHA512
329bd9072896bf44a32597abd6716486c18551bc8057079887cd7620bd31a34654f1e86c9892b1deee6161bff42fe0725787ddbe393135023133157a7bce4616
Score 3/10
-
-
Target
Grabbers-Deobfuscator-main/utils/pyinstaller/pyinstallerExceptions.py
-
Size
98B
-
MD5
e73c379c3ed94b367d9514551b7fa4ed
-
SHA1
69b0ed89af01e3d72f9ccac50a9989939c46aa26
-
SHA256
619d874c150e9bebcef2edd657f78b7459a79277ce7f37679ccb156f38e5b58b
-
SHA512
a218db7a1aae9eac6bd6cd3c4afe50bf4a7cb59c7b98fd2218a287068a260ed4e6dbeb4107672a2e252a12c8af7ea696751a4fa1ccfb047ec221282295eae8b4
Score 3/10
-
-
Target
Grabbers-Deobfuscator-main/utils/telegram.py
-
Size
1KB
-
MD5
798c472339a5f076bd4bd8f7ef3ffd17
-
SHA1
9f367781caa19688b0d0a00fc8adb297522b24dd
-
SHA256
1b599fc188a0fa7c74f811e2ae726bdd853dfdc35031eef07b5fe4dbc9b0d0e0
-
SHA512
11a688ec950bdbafe3dcd1ba23b0565bcaf29a88acd6cecd15a14d0208e32fd34c5d23d2ef02a769f64cfcc6d5fcebc2a7a1524669955499547090c2c402e50e
Score 3/10
-
-
Target
Grabbers-Deobfuscator-main/utils/webhookspammer.py
-
Size
1KB
-
MD5
6af4ea75e548347d93ed6cdd31a1cc4e
-
SHA1
6a76b9a6e37f6109e2d7cbb1e55f59f167fb930a
-
SHA256
5d5a450a7dd92d10c759b061f71972c36fe0cb7906ce0a473b92562be243b207
-
SHA512
d2a48700589c63b8bd81a6d72ba5310154faef08e2889f3e3767502f6ed6bf1486ca8e88e60c4fbfe6293bb13bfc5c0ea8916dec7a99fbdfb591246f277dbec7
Score 3/10
-
-
Target
Zyron.exe
-
Size
20.1MB
-
MD5
c93e65b8b3bdf4651aa5f33fbaf6487d
-
SHA1
fa44cc02066d7e384224ce22ea2c7e37604e6d17
-
SHA256
a8474496d6a2d25d7e3c34cb41e22417b59ca58f7c94b514492a85bbcb969f30
-
SHA512
2ab77d13631d77774bafbc9ad70854fd1c31c3ade62e11ec872b6dd05baa9996c5408ddbe822a714f25ba893bc34839d23cc6cb41394d02bfa38f422c06076cd
-
SSDEEP
196608:Jri7DEziLjv+bhqNVoB8Ck5c7GpNlpq41J29bk9qtlDfqWf:YTL+9qz88Ck+7q3p91JBqfqWf
-
Modifies visibility of hidden/system files in Explorer
-
Command and Scripting Interpreter: PowerShell
Runs PowerShell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
-
Drops file in Drivers directory
-
Executes dropped EXE
-
Loads dropped DLL
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Adds Run key to start application
-
Legitimate hosting services abused for malware hosting/C2
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 2
Registry Run Keys / Startup Folder: 2
Defense Evasion
File and Directory Permissions Modification: 1
Hide Artifacts: 2
Hidden Files and Directories: 2
Modify Registry: 2