1e3afc6bfa582c9bef7aae3886506fe91ea607f100d8515406131b73ffd8d68d

Sharing

Copy URL

Twitter E-mail

General

Target

g0thgrabber-main.zip
Size

894KB
Sample

240707-rg5s7swdqh
MD5

447b8b71d2b33d0a4a2758bf9ea4c6ae
SHA1

8fe2b8c9f9d236c0f06e65d0d6987585cd6f2684
SHA256

1e3afc6bfa582c9bef7aae3886506fe91ea607f100d8515406131b73ffd8d68d
SHA512

e401b695264c5baff1e774f8bb3bdcaa966692c90989cc312451a0be5982014a77db83702c7fc14f94ba3d92bd3cc769337afea809cc980adc9884dcc65aa6ca
SSDEEP

24576:ERsfyj7JHdGWffvTbkrqAItD6b6D8J7kbn0R:EufyHJ9pvMr8D8YbC

Score

8^/10

upx

Malware Config

Targets

- Target
  
  g0thgrabber-main.zip
- Size
  
  894KB
- MD5
  
  447b8b71d2b33d0a4a2758bf9ea4c6ae
- SHA1
  
  8fe2b8c9f9d236c0f06e65d0d6987585cd6f2684
- SHA256
  
  1e3afc6bfa582c9bef7aae3886506fe91ea607f100d8515406131b73ffd8d68d
- SHA512
  
  e401b695264c5baff1e774f8bb3bdcaa966692c90989cc312451a0be5982014a77db83702c7fc14f94ba3d92bd3cc769337afea809cc980adc9884dcc65aa6ca
- SSDEEP
  
  24576:ERsfyj7JHdGWffvTbkrqAItD6b6D8J7kbn0R:EufyHJ9pvMr8D8YbC
Score

6^/10
- Drops desktop.ini file(s)
behavioral1
- Target
  
  g0thgrabber-main/Builder.bat
- Size
  
  1KB
- MD5
  
  4fa25ae2330a5efb3d4896f58423d64d
- SHA1
  
  1d878c526b07a91de9e14c618a367ce9ea09fec6
- SHA256
  
  f9ae2ed3d2222feb2c50953f69a393469703581922506ff3fbdbc4223ef52d92
- SHA512
  
  4e47dcb0c8ade6c47196eeed217c75e1f7eae477decf587379cd8f96488d7b9ffc3bd0f3e21def6e1419b54d72d3900e16f3ce52205cc15f875e06cba0436440
Score

1^/10
behavioral2
- Target
  
  g0thgrabber-main/Components/cert
- Size
  
  9KB
- MD5
  
  b769e370f66299bca7f86932bc24925f
- SHA1
  
  b4d882856a109412ed64c2449f51eab4697c844f
- SHA256
  
  090b03e1ff82d53fb90c3776be756465d6bc4dc04b164348eeab703a72bb2243
- SHA512
  
  a8e6b45c9623739b170aff0ae9109ceaa02ae1f1cd2a5f2ceca78c9b3446de010cea66afe2128795f441c91105fba5eaf4ba91991847f3874564d020a087ddeb
- SSDEEP
  
  192:QpPIKfhig1R7JNfVZCg2tDKZpZfH0JOqsmVgz28WhBqA/v:QpwK3PVZAD28JN77hhd3
Score

1^/10
behavioral3
- Target
  
  g0thgrabber-main/Components/config.json
- Size
  
  975B
- MD5
  
  5809ed90c1e614ed88676332e0065a31
- SHA1
  
  20126c80834febbcc43bd0f951cd7c0f42d0b69d
- SHA256
  
  3f291054b54dbaddea333c6fe6bde9b15670325237dbb5620732b1ebf8039d91
- SHA512
  
  daa2ef9a6c32794e07dd0677bb2c43580e36c9dd877665faa88691673d953ecba3a0a8ad520cb0a666d0b8ef7e8b406f38249abe2740850aa612f26b421317ac
Score

3^/10
behavioral4
- Target
  
  g0thgrabber-main/Components/g0thOBF.py
- Size
  
  5KB
- MD5
  
  8e787b03aba24a78a2cc9ee54568c1fc
- SHA1
  
  d37d3a07301c90034e6e0870166b58f2e7503c12
- SHA256
  
  7119ad2ac6f68ab8e9bb48d5f43e8a9d8457237e479463a828457923e0d9e7eb
- SHA512
  
  8e2e84af11e56350926e6976845ec7cbfe05538ea8b00813a857e6cd2f3d895abe4dd7c905d512ab6da7ee741c341de6369ac871bc2fa1c9718899d18ca45045
- SSDEEP
  
  96:O654cd62hK9FFZ48PuCJYBu5o/L6oUMOQcW:OM6Us4G8Io/LBsQcW
Score

3^/10
behavioral5
- Target
  
  g0thgrabber-main/Components/loader.py
- Size
  
  633B
- MD5
  
  07359d173ab5467887b6257a73bf1fb4
- SHA1
  
  195c04a9352e3bd2260eeb2851a81d17c205746a
- SHA256
  
  63db5dc6409acd9550873b6fa2dbddeb88ce51b6b33c5beb9bd0042a96c42401
- SHA512
  
  b35a2d25fdbbba07fa1e0eb0147079e5a324e05744501f50a418b9dcd4b02422954204ad386f670ca4a84e6cbe68ea3fb794428edb17fd0e0f0e50f9bd032ad6
Score

3^/10
behavioral6
- Target
  
  g0thgrabber-main/Components/postprocess.py
- Size
  
  2KB
- MD5
  
  bbed9f3d87c4927b2b2bc16a6ec4da51
- SHA1
  
  c3bceb8a6fb5207abc75039e5a66afbf8324cd8f
- SHA256
  
  72eefc2defd861c48721f235717a0f8de430ea8f2bc290b429cfbdc906ba539c
- SHA512
  
  352cd87d379e0a338d44f3933b6b135a36ebe83607157dfe28330ec2c03c6b2bcbbb2d43b1a06487675eea662c76084b3f9777f5b8d0c9132d50869318fc3c78
Score

3^/10
behavioral7
- Target
  
  g0thgrabber-main/Components/process.py
- Size
  
  8KB
- MD5
  
  760367c1e36fd86db492162f3856dfc5
- SHA1
  
  51bdc48145f4702b255dd2130dd99889fcca8da1
- SHA256
  
  9c7202fe560d9ca5b3f2d840a21c359d98ffaf68dbb8bf8fbab2776b12ac6bdb
- SHA512
  
  84125aa488abf3a500388857c466bd5606821a59fd711823273375e4507509f5eb80942f795fc6e9730d07b6be15e1f9185ab81fc8f4db0b23dad7e38f154dcf
- SSDEEP
  
  192:Ltw1auOoI8I+IQI2Iz2Iym+IyIQICI0IiIgIcI6ISI+ISIKG2I0U0F+05dkIMN0N:v3iE9pV3522EQTq7o4mG
Score

3^/10
behavioral8
- Target
  
  g0thgrabber-main/Components/rar.exe
- Size
  
  615KB
- MD5
  
  9c223575ae5b9544bc3d69ac6364f75e
- SHA1
  
  8a1cb5ee02c742e937febc57609ac312247ba386
- SHA256
  
  90341ac8dcc9ec5f9efe89945a381eb701fe15c3196f594d9d9f0f67b4fc2213
- SHA512
  
  57663e2c07b56024aaae07515ee3a56b2f5068ebb2f2dc42be95d1224376c2458da21c965aab6ae54de780cb874c2fc9de83d9089abf4536de0f50faca582d09
- SSDEEP
  
  12288:3lPCcFDlj+gV4zOifKlOWVNcjfQww0S5JPgdbBC9qxbYG9Y:3lPCcvj+YYrfSOWVNcj1JS5JPgdbBCZd
Score

3^/10
behavioral9
- Target
  
  g0thgrabber-main/Components/rarreg.key
- Size
  
  456B
- MD5
  
  4531984cad7dacf24c086830068c4abe
- SHA1
  
  fa7c8c46677af01a83cf652ef30ba39b2aae14c3
- SHA256
  
  58209c8ab4191e834ffe2ecd003fd7a830d3650f0fd1355a74eb8a47c61d4211
- SHA512
  
  00056f471945d838ef2ce56d51c32967879fe54fcbf93a237ed85a98e27c5c8d2a39bc815b41c15caace2071edd0239d775a31d1794dc4dba49e7ecff1555122
Score

3^/10
behavioral10
- Target
  
  g0thgrabber-main/Components/requirements.txt
- Size
  
  40B
- MD5
  
  0717875d7e142fac144ac1e71d4ac6a0
- SHA1
  
  a2b84254a7234831d5b50b5542d7c0e440b654af
- SHA256
  
  c835fa03bbf8b1fea4dfea6001146028562a6716f42e3a8aa33e5a22d130350d
- SHA512
  
  6c976e3f4a047895173b4165ca88449536abcc6b95e4889b528290420340500e8f4d1f0cee38ec65ec1e2a8d93e8fdbe88981c077b5357c6bd0e91da8b3c1677
Score

1^/10
behavioral11
- Target
  
  g0thgrabber-main/Components/run.bat
- Size
  
  1KB
- MD5
  
  958429472f54a4aa401df46a3dd72461
- SHA1
  
  e2c0bf03987300bc19aa54e3b226f49ab593566b
- SHA256
  
  812e04d78ab5e7e46b7ce6b2a5a4539478542ef733ee2c149e0eafb975c7dd02
- SHA512
  
  4601f51619a0c4fd1c470d98ac9d8d97e0e91a38896c37c2b2c656bd9afef6851504d3368a3a9ce4e2ac6331dac9ea756937d664eb00b3495be435ef79f5de13
Score

1^/10
behavioral12
- Target
  
  g0thgrabber-main/Components/sigthief.py
- Size
  
  10KB
- MD5
  
  57156b83bcfa0c8cbc0fc36aa02a1617
- SHA1
  
  a6aaf0f1e05924e6c6a27918f406c620cacf7a01
- SHA256
  
  caf899aedb2b0fe154de2223d86604380d2cf4a47406f881cca680c8a4b063bf
- SHA512
  
  63b8944298cdc7323ee7b193efa75018a759d10c6933d430ad62779231b9daca6b2dfd0fcac8e69b5846474b83c1deae5b82606d88c26bebad5bb31d50ff883e
- SSDEEP
  
  192:J/j5U9+6E0yWYSF/DwI6CRH2dCYwqSfU15dkAJH:J6yMSfUU1l
Score

3^/10
behavioral13
- Target
  
  g0thgrabber-main/Components/stub.py
- Size
  
  102KB
- MD5
  
  cd993c7afd42f41ce14b76a6b0eb5b16
- SHA1
  
  ec5729f2c87fc40ec2e08752f2ee5051521fc4c5
- SHA256
  
  688c9c4851ce5bb6335bbbee5b75689e0060ac9f8eb0cd26f49b1f105e3ace61
- SHA512
  
  4ea37d81634593e80a0814b0a2496d6fe765e6acbcb96e9498499b197d90e87f61dfb6c9ceb7a82e3307bffe974db839f995068c4b41914e29732cb3cdd0c7b0
- SSDEEP
  
  3072:dzqOZtqMnSAmVGn2kY4iajQmsD+ABKPXAZCx:dqO8WY470BWx
Score

3^/10
behavioral14
- Target
  
  g0thgrabber-main/Components/upx.exe
- Size
  
  525KB
- MD5
  
  8a98406e32ed6139bd9e75342d452948
- SHA1
  
  ed77737b88a7351d0bc5f542ddb7ce84f8f95588
- SHA256
  
  a4240ea0e8a916d15f8391edef9705ab4de1f516dd360f0a336c5358686d434b
- SHA512
  
  f5b17975560d97308a6ee66845225715e82bade9df7bc36821c76fe67fcf8d22929bf21b85e28dd11b7399d0109ab1f3786fd2010c2e5023d3a93d2bd5cf678b
- SSDEEP
  
  12288:fOHsWPQsJdQmiR0eYG16fyP8RHzS75CaNgMYqIW7I2:2QmiWK16rRHzS7U6ip2
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral15
- Target
  
  out.upx
- Size
  
  2.0MB
- MD5
  
  6f9617311d2fb9cbbfabc57ed46dbd14
- SHA1
  
  899b535d0d942c60d2d95fa4cbe4a80408ccb8bb
- SHA256
  
  a84e70f79c993beadbfcade43bf51f63d841ecd27eaced77c0976e70fba9de69
- SHA512
  
  1a71de62b8e6798889525ae3479322d93f2aaa35075adefe49d4d820b9542955ae15638046c78ab83c02da628140ece11dab30c1939e440f5260a012024b277b
- SSDEEP
  
  24576:Y7J+UM2Sqzae2jctbEjviXrGBZUlOQeZp9G9SPkeDkFkH1:dUBacRiBiEQGP
Score

1^/10
behavioral16
- Target
  
  g0thgrabber-main/Components/version.txt
- Size
  
  1KB
- MD5
  
  dbeadc0f19f3e284489e638819266912
- SHA1
  
  592d7f9af3cca9b530146782ef53f24a7d771570
- SHA256
  
  bef1789c0dc34badaf2873723b7baa81fdfd9fef2fe41aad720d389fe0587955
- SHA512
  
  4e979ddc856ebb42ca63f52287fef175fee7e7c69a0ed4e28fb8b297d1c3fc1812b9bbd641bb1b7dc3d68b13d43881970682a59abb7e0ae5d509cbb76e2d751d
Score

1^/10
behavioral17
- Target
  
  g0thgrabber-main/Extras/icon.ico
- Size
  
  14KB
- MD5
  
  99becfecc68d58a1b1fcfe70e659dc06
- SHA1
  
  9523e7dd4192ed13d3e3fec87f7f9a9f3a3ff2cd
- SHA256
  
  53cdc2e84e0e66a974afd8ff9121cd9ff9292db171781ee968025676d8bbb40d
- SHA512
  
  c8bdc1de657a91e118639074d915050b582d3ad36778a72b3a2a9df491140e739ba2a16e60ae6c7e7de893f586ab89a86eead0662d26cdc11a6486d5b8a32f53
- SSDEEP
  
  48:jJaIFaPsa/aPmIC2AajafeaJ0XvaCF0aoa:9aGaka/aPOajaWaJ0XvaCyaoa
Score

3^/10
behavioral18
- Target
  
  g0thgrabber-main/Extras/unblock_sites.py
- Size
  
  1KB
- MD5
  
  0d1019573b112545f9fd41a4e0acc342
- SHA1
  
  6ab1685e4d4aa3d16307325da3c8c6a65cc1cd2a
- SHA256
  
  bf5c32f73990a16835b5b91f08647617dce973a68626ee4921bc5e2c5a07cafe
- SHA512
  
  d4cdb37acabfe9013aa8cdec6cce9040a9d9c2b52570fa45f1a0750c29860b161d0446ded2d3f31c61676f42ab2be7c01c8cffc09ae64126510ee2d484e1c561
Score

3^/10
behavioral19
- Target
  
  g0thgrabber-main/README.md
- Size
  
  4KB
- MD5
  
  4fe72f361b6224c11c18c02a43eec045
- SHA1
  
  b648f572aaa4a498b4cf3f9815ff2607683f7811
- SHA256
  
  77f9c46914cd8a524d20ee7a5bf119db3cba56194523c05b62a5bdb49b84e42a
- SHA512
  
  eb6d3aef4faeae8480fd1adaf500603a795325f4d0dc2eb8139e7bf756c9d8cd2e3102c466c07db545beafaaa0e8e5f6c8960e133c7c31f0871023bb4938aa77
- SSDEEP
  
  96:LaQSspY/0HwhkfjrgOY1FAXdi9kiPQcciXXP09mF:pvH2k7rgXaXU3QY/0kF
Score

3^/10
behavioral20
- Target
  
  g0thgrabber-main/gui.py
- Size
  
  37KB
- MD5
  
  0c7f7742b55510a1b36eaf8d2f1cdaae
- SHA1
  
  8e783a5924f76e628c83036ad79f14485ffb960b
- SHA256
  
  c5105874b067907c4ed56e0ee248d830d3996839bd7137b615bc68a7cc642961
- SHA512
  
  3cd1eba6fcc4481e37851d2ce8ce56f56380ee9ebd5f8c53c8a3d77125ff33f1f424fe6503ef10f7003ab739c4c70a4cd7249bb92616e37d54f0b259731a60c7
- SSDEEP
  
  384:rRwBLdtPNbwhxFGbqWtYh6tr9f2L+vMPNPtLoPjW6PjLK7bA117TDtOycaEC7awv:rKnNbwhxFGbqWtBtoRSLGJwaMwY5
Score

3^/10
behavioral21

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Drops desktop.ini file(s)

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21