blankgrabber | 128ccb35e5917e63b851fffc587d5ec1ef664699cf0d71b386c6bdd1ec68169c | Triage

Submit
Reports

Overview

overview

Static

static

Boostrapper.exe

windows10-2004-x64

8

Sharing

General

Target

Boostrapper.exe
Size

46.0MB
Sample

240821-drbq8axdqa
MD5

493beeed91039ed0113494af5f893735
SHA1

83ec00f53238de480f4878eca7946d06044528c5
SHA256

128ccb35e5917e63b851fffc587d5ec1ef664699cf0d71b386c6bdd1ec68169c
SHA512

923c76b418c74921261e126d8eae259a2d4111a1a7e5533cd169022c9014c87c64aa936a47a8dceab9e8c36309a466fa4a4efc9018456dcb0c6244a3e6d9f4b1
SSDEEP

786432:qjLJhGxlQ2Y0WwV4ebtzWamoXi+39uMnrmACrjdWI/cXqZrVy/pW6K7:ah6QiVJbcoXiuRnqAywYcO6HK7

Score

10^/10

blankgrabber collection discovery execution upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Boostrapper.exe

Resource

win10v2004-20240802-en

collection discovery execution upx

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  Boostrapper.exe
- Size
  
  46.0MB
- MD5
  
  493beeed91039ed0113494af5f893735
- SHA1
  
  83ec00f53238de480f4878eca7946d06044528c5
- SHA256
  
  128ccb35e5917e63b851fffc587d5ec1ef664699cf0d71b386c6bdd1ec68169c
- SHA512
  
  923c76b418c74921261e126d8eae259a2d4111a1a7e5533cd169022c9014c87c64aa936a47a8dceab9e8c36309a466fa4a4efc9018456dcb0c6244a3e6d9f4b1
- SSDEEP
  
  786432:qjLJhGxlQ2Y0WwV4ebtzWamoXi+39uMnrmACrjdWI/cXqZrVy/pW6K7:ah6QiVJbcoXiuRnqAywYcO6HK7
Score

8^/10

collection discovery execution upx
- Command and Scripting Interpreter: PowerShell
  Using powershell.exe command.
  execution
- Clipboard Data
  Adversaries may collect data stored in the clipboard from users copying information within or between applications.
  collection
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Enumerates processes with tasklist
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

System Information Discovery

Lateral Movement

Collection

Clipboard Data

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

collectiondiscoveryexecutionupx

© 2018-2024

Terms | Privacy