blankgrabber | 3c1db3c92f75ce1b0ad436709cc85b08e095259b1cba4899a3c84fa1fa9ad275 | Triage

Sharing

General

Target

Flux.zip
Size

80.3MB
Sample

240822-t2gyzsxbkd
MD5

1e4fc05c625542b4d4049adc1952d5f5
SHA1

38c3f1bf9095b84950986bd70fed4659c0a05ec4
SHA256

3c1db3c92f75ce1b0ad436709cc85b08e095259b1cba4899a3c84fa1fa9ad275
SHA512

3ee0304782b791909aa51923ba476e36985ec4252e3bc6808197aaf0f4166de1538ce601d6329681073782d72f328a448c6fc93fae8dd602dc598f083b35ca1d
SSDEEP

1572864:c5YgfqD5vWQsug1+ueoPAHXXvVHxeoR8+Uex1jEXYISR4:gY4qdBsb+uWHn3R8+JTYH

Score

10^/10

blankgrabber discovery execution

Malware Config

Targets

- Target
  
  Monaco/fgd.html
- Size
  
  18KB
- MD5
  
  a1416c1fe209f7687ff79ab44301b3d3
- SHA1
  
  3ba3ff0027a98128edad78f5561cef53c4236791
- SHA256
  
  a6897302dba619dd3c156d57fc4b706662bff4df582975c33478b7878b060d2c
- SHA512
  
  ce8a9aaf7ba903dfb25df53e04addfedae7ee4fcd07dffd42abf3f275a75b14cb26bb64c9320fd425003c73618b2967bb7be2cfb849050d50dd5308e69842f79
- SSDEEP
  
  384:fihTARA5Lmwl1qPeVvW4NVtabVBJjVBd+TI6noaQLR7:fihTjoy+StabVBJ/kkgoaQLR7
Score

6^/10

discovery
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2
- Target
  
  Monaco/fileaccess/node_modules/array-flatten/README.md
- Size
  
  1KB
- MD5
  
  328fdaf1ee65869341567f4fb6716e02
- SHA1
  
  98efa9e4bd6d6bca4ebb76991a2187a8a496c8b6
- SHA256
  
  071dd896356da12269508f361958ec622e47b27a96d7efdba23b671bc3470416
- SHA512
  
  40378eeeb21474e8be2962853b1d279ab8e167e68ebad08ae4e7932c131da317672852916bcc1000ec43a0163653c45158a9a8be819b4a6479163ac8c5391ca5
Score

3^/10

execution
behavioral3 behavioral4
- Target
  
  Monaco/fileaccess/node_modules/array-flatten/array-flatten.js
- Size
  
  1KB
- MD5
  
  4b17fa06c54846b686b8b799e9dd253a
- SHA1
  
  fc6cc30e8b8ec09eeba62bac076ed627aa3ee8d1
- SHA256
  
  766ca145b6d25e3d60f352a716e8fa1876bcdf362c0767c360cf24f335bc281e
- SHA512
  
  72df1668f464f6942c484155b667086bb6f83f77e826ffcd146ee045079db3334aba270bffb66cdd796d4c9308121ec2a67a404289f19914c45d9a6c15435e71
Score

3^/10

execution
behavioral5 behavioral6
- Target
  
  Monaco/fileaccess/node_modules/body-parser/lib/types/json.js
- Size
  
  5KB
- MD5
  
  6b036408f968978bf9668496db9953ba
- SHA1
  
  af1f14428152576f1c047c3462d26a7feb98635a
- SHA256
  
  44f8b529333004e2aaff6db3a1dbe7068f1ac5fa1173e9634686a78c2262af35
- SHA512
  
  89bef97d3d5d0c8da0f3aa1e178fee1d04eee5200c2f037bd55761a61e6c6a251f7314e82343761ef227a997909f4a0237a3ff5f79a1a7bb9e879a465ab84f86
- SSDEEP
  
  96:1F+Graz+dz1PbSDp2qjlvqzi+QBYwxcG5l+NbkAZiVl7g6A4QYSR:1F+Graz8TUj0mx+wOgybriVZg6ffSR
Score

3^/10

execution
behavioral7 behavioral8
- Target
  
  Monaco/fileaccess/node_modules/body-parser/lib/types/text.js
- Size
  
  2KB
- MD5
  
  beb4ada09306f8d6435566d9e88076d3
- SHA1
  
  eda9bc036c9d10f1400cd2e4a8832949671cadc7
- SHA256
  
  54a6e8ef720b06a300b21f6c60387805dec743a64154784a609dfe8c6860776a
- SHA512
  
  5d9c9c6837b9599d29db9b1eb54cd2a4e215feeb028137f31c20f2b02e38f600aa8c02721444dc41d7bfc206ad39a810076853d09fa1e3113b5708a75443131e
Score

3^/10

execution
behavioral10 behavioral9
- Target
  
  Monaco/fileaccess/node_modules/bytes/Readme.md
- Size
  
  4KB
- MD5
  
  e7804750b4dbb0e9169be6bc020c8e6f
- SHA1
  
  c1f64bb7089cb59d5b3d929388118d25448ae22a
- SHA256
  
  761e5a8818f8de496a4df6632fa30df65b62e00d5db2b297096c63e07d61f740
- SHA512
  
  645f50f3627629a5c62175b1182d2279cad099f6b4f02b3f0fe7b604fcc64a73a7e5a0b25a225bc25326dc7a8a30aeaa2ab060fbfbba2ddb92fdad6673c22c35
- SSDEEP
  
  48:xFqXmR2NdXMoNj4CUGLaHtT8sZkwadPZvCLvqv/pyiKmfFapucGa3cmWqMb8JbRZ:WXn15sTGeH8sSJWJTHsyfKBM
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  Monaco/fileaccess/node_modules/bytes/index.js
- Size
  
  3KB
- MD5
  
  83cf8fe86424252c5a9a3e2fe90dbd57
- SHA1
  
  bd46529e5637ff1a659f1d4af2598925b12741e0
- SHA256
  
  893fcbbbe962dc00e40dc2e4b20e76e92d874dd257345003c6575d940e91a37f
- SHA512
  
  f0630152a247cf51dfc677c22323afccc667350a11db093b59b93f403481deba1d44cd78cd53f4c4a3e2df297c35fe54cdc841c10c4667ebb81d3a54fbf56d43
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  Monaco/fileaccess/node_modules/define-data-property/README.md
- Size
  
  2KB
- MD5
  
  e1b5204a9c537870bb43df7c59903f59
- SHA1
  
  dcd48565637e619379e97fcf5e5dab8c15a41f28
- SHA256
  
  72ddfa32f732f61479cfb34852cb0f57162bc3037a97bf812c4e42679b3ff0b9
- SHA512
  
  8737fd203c91cbec368bd4f8c15e79987d3fb2a6c4c0f55c4643e5308d148fadfd3611c15c19139a8ab98685e50e4cf2d7d17fb043ec157a8561f259ca9369b7
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  Monaco/fileaccess/node_modules/define-data-property/index.js
- Size
  
  2KB
- MD5
  
  92d50385cb04e9bba48103d21a4a08dd
- SHA1
  
  137bb6b7b4e8aede40825f23805cb8b8dc3eab4e
- SHA256
  
  e34746e8c69bbf6ba2182b7362e9c4dc5fb3c19cace48091781ae967370bc065
- SHA512
  
  dc291a9457cffc5f6eb39694fd91c72877502829bef01b07dad5df47a11751b2910e1807d52842fad38d8b8309eb6d8207c042ce705a211866717695b6d6d1be
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  Monaco/fileaccess/node_modules/define-data-property/test/index.js
- Size
  
  10KB
- MD5
  
  0d1fabe33ca02b061ae2420e62c46059
- SHA1
  
  b2bcaa3baf27733b105784766e8a68d7394be260
- SHA256
  
  db68bc8e54487d027c9699f4b6df2df865386de6f2b738619c7c6431c919767d
- SHA512
  
  4d5d626fdb0b3fccc183896c7d74dc31070404ba6f311666cadfb3325ff2f07980d942bc7a59bc74cd3beff97c4c1fe2ee42846c2da5aed3bd107fc78b96776d
- SSDEEP
  
  192:OG6xzFuMZ/9p9wOZaOdqOZaOZpOZaqZSVEBxOZWOQ2OZDrZQXEXwc8OQ2OZDrZxu:OjbrwOZaOdqOZaOZpOZaqZSVEBxOZWOS
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  Monaco/fileaccess/node_modules/depd/Readme.md
- Size
  
  9KB
- MD5
  
  42d9d887a8cce3b2ab9c8da4faed33e3
- SHA1
  
  dee99fab95a6441191c709b010babb1a7015b575
- SHA256
  
  11deb26eafa25a465ffb8a8e3c28195eb40e679fda52b760132dbe9c9b21fb5c
- SHA512
  
  d9b07553c1c5fc505732d1435b81accbfe5d164728fd0c7ea0e179582bc6f4fb9da7047e119468e6431903dda8564d4a26608cdfab5e2f7344d2f56a25b021ad
- SSDEEP
  
  192:pC3g93tCl7wTGdJfXkSCbkIwtN49jTgokqtEnKwGqM0J5GcTYGphchGvna:KM960TGAS/IwtN49jTgoksEnKwq0J5M9
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  Monaco/fileaccess/node_modules/depd/index.js
- Size
  
  10KB
- MD5
  
  002a1f3e813cc05d9e3cc011f6601628
- SHA1
  
  1690c27457637ec234d6b7658f1b96e547a0eb99
- SHA256
  
  4d587a5662e20a7bb9bfe6555afe5987e1b80303a819b447394f37a93297ee91
- SHA512
  
  ea1ad9bcf09a73a10dd1fd8a66daac12f87725e16ad27e7beff6d9fda937579976cd5d7ed6439c4122b16178c3ffdf410d6c7a54918f94bc98fa7950adf3bd54
- SSDEEP
  
  192:vpe1221Fdc5jXmXUApvcvcBGtXY/KQYbUY/rRgrNoYo8GVHXWVhVO:vpe191Lc5G0k//YsNIVHXWVhVO
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  Monaco/fileaccess/node_modules/depd/lib/browser/index.js
- Size
  
  1KB
- MD5
  
  5b958f39df1df069739ccd3765bad0de
- SHA1
  
  c010f754ecd1e959f6bacac10e976bee24c215a0
- SHA256
  
  10b4d4a4e9d14e9e6a5ab7ced64405ef90e6bec94d479a8e223cbba88828ad79
- SHA512
  
  5848b28ddaac1af95d658d110ae8c18d309044206b066c575705e0f8b75f4a918fe692e5f90bba6fe2b1c4ef8344c7096c4f7e2ce87f7fb1537b55e0489d75b3
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  Monaco/fileaccess/node_modules/destroy/README.md
- Size
  
  2KB
- MD5
  
  5866f60785543ab8d86b79dec253db49
- SHA1
  
  31d6d0f4b8f17c2551540857056950c406618f51
- SHA256
  
  80f720db998d4728565126ea1d4b96c5248d35c2e53032d23692ce3930de69c8
- SHA512
  
  bf638f2f6112c8231c08a26784b0f86079494b4dfbb14d59ba87b0a72075ff1364fcc796463e6055d120e6faec30a47de4f351fb769f1548d5c213ecb45b28ed
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  Monaco/fileaccess/node_modules/destroy/index.js
- Size
  
  4KB
- MD5
  
  35723299a9b5b96d111cbf94c56c898f
- SHA1
  
  6547e9c6dbfb287cb22819955726efc01a29950f
- SHA256
  
  b54f50db059987726ce2bdadca5d66a1e3ceef183aa5f43ce61aa53f05c36cb7
- SHA512
  
  d68622a50b1efa8c3ba52fbf8f1a036cffafe608dc0788013f9b7347c7077f3167cb2504d54815750225dad601c376a485357906f3c0cb6493bbac67d4ac9579
- SSDEEP
  
  96:QDxP4dH18X0MJ1ncBEPwxr+Pfdm6h0eFoFXJ:QDxPEVXM3ncBEPwocuFoF5
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  Monaco/fileaccess/node_modules/ee-first/README.md
- Size
  
  2KB
- MD5
  
  8591e9d47fb8574f4a99ac3de242b3cc
- SHA1
  
  7c611cdeb6b66df78adfb4b1a56fec087dce14b5
- SHA256
  
  4480e03d020436e665886a99120abb2ee7fb422850e1b53ccbdbdbd251414c23
- SHA512
  
  3309f93386f1a8275f8ef1d76b2e242c8287c39662be567a501dee017b5564c0f1e73ba332816fd6387da5497918a5b2824dc0da94a6b1ecd7a87c85f1fb2aef
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32