General

  • Target

    Dark-Grabber.rar

  • Size

    4.6MB

  • MD5

    b440cff3cd134887c5775b456d3d6e5d

  • SHA1

    b568fc7d7999de38c353ee50ab6a03996e4808f1

  • SHA256

    be88d07a75250c849e3f30ea61f609867d72ab7021ca75eb9669434b7ad4d5f4

  • SHA512

    28605ffe5604ceee56f8f061eea960bf7033c4a9be324bd12eb4bc3cdae872317873c4d19a3aa0166a634c26f101b814605a63649cef6a57d3d01a4fde0d8aad

  • SSDEEP

    98304:ewWW/PUaWcWGCa2cRB0vRntyd0X0twWW/PUaWcWGCa2cS:HWW/PUaaGfMZnto0RWW/PUaaGfS

Score
8/10
upx

Malware Config

Signatures

  • Patched UPX-packed file (1 IoC)

    Sample is packed with UPX but required header fields are zeroed out to prevent unpacking with the default UPX tool.

  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (2 IoCs)

    Checks for missing Authenticode signature.

Files

  • Dark-Grabber.rar
    .rar
  • Dark-Grabber/Builder.py
  • Dark-Grabber/Components/BlankOBF.py
  • Dark-Grabber/Components/cert
  • Dark-Grabber/Components/config.json
  • Dark-Grabber/Components/loader.py
  • Dark-Grabber/Components/postprocess.py
  • Dark-Grabber/Components/process.py
  • Dark-Grabber/Components/rar.exe
    .exe windows:5 windows x64 arch:x64

    9a33888e10929c185d02249d2b55c15a



  • Dark-Grabber/Components/rarreg.key
  • Dark-Grabber/Components/requirements.txt
  • Dark-Grabber/Components/run.bat
    .bat .vbs
  • Dark-Grabber/Components/sigthief.py
    .py .sh linux
  • Dark-Grabber/Components/stub.py
  • Dark-Grabber/Components/upx.exe
    .exe windows:4 windows x64 arch:x64



  • out.upx
    .exe windows:4 windows x64 arch:x64



  • Dark-Grabber/Components/version.txt
  • Dark-Grabber/Extras/hash
  • Dark-Grabber/Extras/icon.ico
  • Dark-Grabber/Extras/unblock_sites.py
  • Dark-Grabber/Installer.py
  • Dark-Grabber/Mod_Builder.py
  • Dark-Grabber/READ_ME.txt
  • Dark-Grabber/config.json
  • Dark-Grabber/env/Scripts/python.exe
    .exe windows:6 windows x86 arch:x86

    f7365c635306e324116f7095b34719e1



  • Dark-Grabber/env/Scripts/pythonw.exe
    .exe windows:6 windows x86 arch:x86

    8d44eb44f1d03b5cffc3a966d5470916



  • Dark-Grabber/env/pyvenv.cfg
  • Dark-Grabber/gui.py
  • Dark-Grabber/images/icon.ico