1072efad667d604f609fd850a13e54507e23b5ad33b836436267144a4cbd28e2

Sharing

Copy URL

Twitter E-mail

General

Target

Blank-Grabber-main.zip
Size

1.2MB
Sample

240912-v85t3awbrj
MD5

cf1622e33a46b0a9b7f88d0f031d679c
SHA1

6af28cb842e880d2121cc6f1ea9176c07d852bef
SHA256

1072efad667d604f609fd850a13e54507e23b5ad33b836436267144a4cbd28e2
SHA512

d5768cab8a7c44f569dd9abbade6eb0a4cdce530e62e3b59ae19ddc7cab6782f2015c0b231568c9945c9fcb9e28ac8f7c4488d390416173c30a292f3e8b6dc57
SSDEEP

24576:OmyJ4KPprRsfyj7JHdGddG4VfvTbkrqAItD6b6D8J7kKy:grBrufyHJ9s04FMr8D8YZ

Score

8^/10

Malware Config

Targets

- Target
  
  Blank-Grabber-main.zip
- Size
  
  1.2MB
- MD5
  
  cf1622e33a46b0a9b7f88d0f031d679c
- SHA1
  
  6af28cb842e880d2121cc6f1ea9176c07d852bef
- SHA256
  
  1072efad667d604f609fd850a13e54507e23b5ad33b836436267144a4cbd28e2
- SHA512
  
  d5768cab8a7c44f569dd9abbade6eb0a4cdce530e62e3b59ae19ddc7cab6782f2015c0b231568c9945c9fcb9e28ac8f7c4488d390416173c30a292f3e8b6dc57
- SSDEEP
  
  24576:OmyJ4KPprRsfyj7JHdGddG4VfvTbkrqAItD6b6D8J7kKy:grBrufyHJ9s04FMr8D8YZ
Score

1^/10
behavioral1
- Target
  
  Blank-Grabber-main/.github/workflows/image.png
- Size
  
  338KB
- MD5
  
  f8262f15edbf09c8c1468a044721f58f
- SHA1
  
  1746570cee010eec6e647091bf5fa0e6a73d827c
- SHA256
  
  82de6192b19aa090d932997b3e243fee5c2351181b282e238aebd505833fdd03
- SHA512
  
  b148f152706a1d87508d22631c0555d665328be6c4320bb97cc0700b16327e034c963c72a1b6c8babe66493eab687534cef63bfb9d0fdd74a1653ad2afeff2e1
- SSDEEP
  
  6144:keRxuXvX7NMXcFkfvNz9X36aE8gdfJUAgiKqJnGSYVXIXdDEJQfUjC2bTau94Z:kz/xMs8X37EhdfJhHyNINDEodFlZ
Score

3^/10
behavioral2
- Target
  
  Blank-Grabber-main/.github/workflows/update-hash.yml
- Size
  
  751B
- MD5
  
  cd6fb9c927cb0d328385501edc02ab40
- SHA1
  
  291c3ec2f294d8b8687faa14a7913cbe88f8ef56
- SHA256
  
  2bcfa0b9fcc3eaf936e0f6a2c2b5e8db59a8d46e39ccf25ab2ff0a2e26c96d48
- SHA512
  
  0c921860b8f944919c2bad9d09accb6b03a65bfe3268230d6cee7dd77544f35b1bbc2cc8decbc5afe33bb5ec6a5c619efbce16e3177982763f90c48709dba50c
Score

3^/10
behavioral3
- Target
  
  Blank-Grabber-main/Blank Grabber/Builder.bat
- Size
  
  1KB
- MD5
  
  69f3538d09da509b93329b22fd59a956
- SHA1
  
  d74ccc96102895e111712beedabcdc725fb23360
- SHA256
  
  79e1377ac17e6aece067d4cf6a202d8baf43a9906cea353de7188c43b20500c8
- SHA512
  
  a5e2fdeb2d185acda43e6a0d964966fc5246d2fe598d094e0b59bd757c42170d3e4125cf7da736080a95141b453d12a53af295eb53bd64e431285e8213da9b07
Score

1^/10
behavioral4
- Target
  
  Blank-Grabber-main/Blank Grabber/Components/BlankOBF.py
- Size
  
  5KB
- MD5
  
  b3d2f59792b99d98107717d6b7100cf3
- SHA1
  
  5cf1f176236fb12fd665301a64be7d883ca125c8
- SHA256
  
  73bd45bbbf96aa84a2abf5eef93513126bd3adbbbb5ebd5272776643d99c1fb8
- SHA512
  
  1791b325ea86c56d35ff9c9216685dd7b3d0b0d01538de5cb6310cb64750daadbeccddbe51fc985bb22a8d8e67ab1a180708e7b97441e0daa2c0b1c14e918ed8
- SSDEEP
  
  96:Fr54cd62hK9FFZ48PuCQYBX5oQL6oUMOQcL:FP6Us4B8JoQLBsQcL
Score

7^/10

discovery execution persistence privilege_escalation
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
- Modifies system executable filetype association
  persistence
behavioral5
- Target
  
  Blank-Grabber-main/Blank Grabber/Components/cert
- Size
  
  9KB
- MD5
  
  b769e370f66299bca7f86932bc24925f
- SHA1
  
  b4d882856a109412ed64c2449f51eab4697c844f
- SHA256
  
  090b03e1ff82d53fb90c3776be756465d6bc4dc04b164348eeab703a72bb2243
- SHA512
  
  a8e6b45c9623739b170aff0ae9109ceaa02ae1f1cd2a5f2ceca78c9b3446de010cea66afe2128795f441c91105fba5eaf4ba91991847f3874564d020a087ddeb
- SSDEEP
  
  192:QpPIKfhig1R7JNfVZCg2tDKZpZfH0JOqsmVgz28WhBqA/v:QpwK3PVZAD28JN77hhd3
Score

1^/10
behavioral6
- Target
  
  Blank-Grabber-main/Blank Grabber/Components/config.json
- Size
  
  976B
- MD5
  
  17c98daace9d0baf81f6b9856c719c36
- SHA1
  
  8797f3c08ee01ebd3156d273a751a32cd8149afb
- SHA256
  
  28eb749c0057fa28835c64032e1bee33f42494168dc4d21f93383020eccc5a82
- SHA512
  
  17dd9ec30682b7dbed78de8fc09e9be578ccf39d2613e8752eb82a7bf2af3b3600c94ea89114eb94473b009628ed138ecaee2ad053119e4c493492d2321290c9
Score

3^/10
behavioral7
- Target
  
  Blank-Grabber-main/Blank Grabber/Components/loader.py
- Size
  
  634B
- MD5
  
  ca35548638710a32f6d4bc1a61a103c5
- SHA1
  
  2703967c4376cc2e0ca20191eff97b85989d8310
- SHA256
  
  e7dbfe873c719006f28e6526ef54215d7b7598bce5566734c552dab9f1f487e6
- SHA512
  
  d1c0839326662b240dfa4bcea7284d261be46e9bb8b03f073e0328e361321f9cdfa740abd4541b2cdc21c806bcd901d3bc3cc36b9f7e0ee6191d189df0533061
Score

3^/10
behavioral8
- Target
  
  Blank-Grabber-main/Blank Grabber/Components/postprocess.py
- Size
  
  2KB
- MD5
  
  bbed9f3d87c4927b2b2bc16a6ec4da51
- SHA1
  
  c3bceb8a6fb5207abc75039e5a66afbf8324cd8f
- SHA256
  
  72eefc2defd861c48721f235717a0f8de430ea8f2bc290b429cfbdc906ba539c
- SHA512
  
  352cd87d379e0a338d44f3933b6b135a36ebe83607157dfe28330ec2c03c6b2bcbbb2d43b1a06487675eea662c76084b3f9777f5b8d0c9132d50869318fc3c78
Score

3^/10
behavioral9
- Target
  
  Blank-Grabber-main/Blank Grabber/Components/process.py
- Size
  
  8KB
- MD5
  
  8cc1b499d73f3fc2140a5b0c97afd6f2
- SHA1
  
  4e60e01f11ff8fec425c74679146e13713b18931
- SHA256
  
  72f2b7cbcc38b79ce96d12e6fdd9a45874728a1abd49eed00438069ba8006f21
- SHA512
  
  ac86a61d68bdac9b019d3c8a3f6102378b3e4f23be8398e6f0d79586dd29c0d104dc66e0cba267f88fb1b1d5241b74f51c073f2395f44d8f4ca34975b7534903
- SSDEEP
  
  192:Eew1auOoI8I+IQI2Iz2Iym+IyIQICI0IiIgIcI6ISI+ISIKG2I0U0F+05dkIMN06:f4iE9pV3522EQTq1o4mE
Score

3^/10
behavioral10
- Target
  
  Blank-Grabber-main/Blank Grabber/Components/rar.exe
- Size
  
  615KB
- MD5
  
  9c223575ae5b9544bc3d69ac6364f75e
- SHA1
  
  8a1cb5ee02c742e937febc57609ac312247ba386
- SHA256
  
  90341ac8dcc9ec5f9efe89945a381eb701fe15c3196f594d9d9f0f67b4fc2213
- SHA512
  
  57663e2c07b56024aaae07515ee3a56b2f5068ebb2f2dc42be95d1224376c2458da21c965aab6ae54de780cb874c2fc9de83d9089abf4536de0f50faca582d09
- SSDEEP
  
  12288:3lPCcFDlj+gV4zOifKlOWVNcjfQww0S5JPgdbBC9qxbYG9Y:3lPCcvj+YYrfSOWVNcj1JS5JPgdbBCZd
Score

3^/10
behavioral11
- Target
  
  Blank-Grabber-main/Blank Grabber/Components/rarreg.key
- Size
  
  456B
- MD5
  
  4531984cad7dacf24c086830068c4abe
- SHA1
  
  fa7c8c46677af01a83cf652ef30ba39b2aae14c3
- SHA256
  
  58209c8ab4191e834ffe2ecd003fd7a830d3650f0fd1355a74eb8a47c61d4211
- SHA512
  
  00056f471945d838ef2ce56d51c32967879fe54fcbf93a237ed85a98e27c5c8d2a39bc815b41c15caace2071edd0239d775a31d1794dc4dba49e7ecff1555122
Score

3^/10
behavioral12
- Target
  
  Blank-Grabber-main/Blank Grabber/Components/requirements.txt
- Size
  
  40B
- MD5
  
  0717875d7e142fac144ac1e71d4ac6a0
- SHA1
  
  a2b84254a7234831d5b50b5542d7c0e440b654af
- SHA256
  
  c835fa03bbf8b1fea4dfea6001146028562a6716f42e3a8aa33e5a22d130350d
- SHA512
  
  6c976e3f4a047895173b4165ca88449536abcc6b95e4889b528290420340500e8f4d1f0cee38ec65ec1e2a8d93e8fdbe88981c077b5357c6bd0e91da8b3c1677
Score

1^/10
behavioral13
- Target
  
  Blank-Grabber-main/Blank Grabber/Components/run.bat
- Size
  
  1KB
- MD5
  
  5beaf38a2e57c2813f6b19b3fb08aca3
- SHA1
  
  424b0ae28d3ea1e067e8c29d45f1f84040eaa7ec
- SHA256
  
  ceade703cb46e78226dc0331ea37f3ed9f681b5969b56ddd15ca5a39e8c067d3
- SHA512
  
  7265b1a73f2d4841b62aec2f1eeb14114051f5b09fa47049ebb0a39ae220bdf35e747c98467aa56be8fc90aa7102888ce215edc88a52212b26ee915fdbe2d486
Score

1^/10
behavioral14
- Target
  
  Blank-Grabber-main/Blank Grabber/Components/sigthief.py
- Size
  
  10KB
- MD5
  
  57156b83bcfa0c8cbc0fc36aa02a1617
- SHA1
  
  a6aaf0f1e05924e6c6a27918f406c620cacf7a01
- SHA256
  
  caf899aedb2b0fe154de2223d86604380d2cf4a47406f881cca680c8a4b063bf
- SHA512
  
  63b8944298cdc7323ee7b193efa75018a759d10c6933d430ad62779231b9daca6b2dfd0fcac8e69b5846474b83c1deae5b82606d88c26bebad5bb31d50ff883e
- SSDEEP
  
  192:J/j5U9+6E0yWYSF/DwI6CRH2dCYwqSfU15dkAJH:J6yMSfUU1l
Score

3^/10
behavioral15
- Target
  
  Blank-Grabber-main/Blank Grabber/Components/stub.py
- Size
  
  99KB
- MD5
  
  6dc9bbb14ef14c45d4d5d4128dbeb5ef
- SHA1
  
  22b444a2d21707449ee8f5cde4cd87bbd63e255f
- SHA256
  
  7602997372de338fbe45cb16f6bfe6d0c5bb57634ac7cf64e098a709c939d22c
- SHA512
  
  cff7bab1052443397a26aa28395d6cb139d2f270def1c0f811d2e92488e7a71daf460461cec8ea79a2f2fcaf3840b8827e9cf2c6f453fa715ff48e997eeabc3e
- SSDEEP
  
  3072:G+RNbizH0U+ma2KJpUrRiwDL0a+P4HmrHnRn:VRNC+UrFq4Kn
Score

3^/10
behavioral16
- Target
  
  Blank-Grabber-main/Blank Grabber/Components/upx.exe
- Size
  
  525KB
- MD5
  
  8a98406e32ed6139bd9e75342d452948
- SHA1
  
  ed77737b88a7351d0bc5f542ddb7ce84f8f95588
- SHA256
  
  a4240ea0e8a916d15f8391edef9705ab4de1f516dd360f0a336c5358686d434b
- SHA512
  
  f5b17975560d97308a6ee66845225715e82bade9df7bc36821c76fe67fcf8d22929bf21b85e28dd11b7399d0109ab1f3786fd2010c2e5023d3a93d2bd5cf678b
- SSDEEP
  
  12288:fOHsWPQsJdQmiR0eYG16fyP8RHzS75CaNgMYqIW7I2:2QmiWK16rRHzS7U6ip2
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral17
- Target
  
  out.upx
- Size
  
  2.0MB
- MD5
  
  6f9617311d2fb9cbbfabc57ed46dbd14
- SHA1
  
  899b535d0d942c60d2d95fa4cbe4a80408ccb8bb
- SHA256
  
  a84e70f79c993beadbfcade43bf51f63d841ecd27eaced77c0976e70fba9de69
- SHA512
  
  1a71de62b8e6798889525ae3479322d93f2aaa35075adefe49d4d820b9542955ae15638046c78ab83c02da628140ece11dab30c1939e440f5260a012024b277b
- SSDEEP
  
  24576:Y7J+UM2Sqzae2jctbEjviXrGBZUlOQeZp9G9SPkeDkFkH1:dUBacRiBiEQGP
Score

1^/10
behavioral18
- Target
  
  Blank-Grabber-main/Blank Grabber/Components/version.txt
- Size
  
  1KB
- MD5
  
  dbeadc0f19f3e284489e638819266912
- SHA1
  
  592d7f9af3cca9b530146782ef53f24a7d771570
- SHA256
  
  bef1789c0dc34badaf2873723b7baa81fdfd9fef2fe41aad720d389fe0587955
- SHA512
  
  4e979ddc856ebb42ca63f52287fef175fee7e7c69a0ed4e28fb8b297d1c3fc1812b9bbd641bb1b7dc3d68b13d43881970682a59abb7e0ae5d509cbb76e2d751d
Score

1^/10
behavioral19
- Target
  
  Blank-Grabber-main/Blank Grabber/Extras/hash
- Size
  
  49B
- MD5
  
  cc56774b629cd17fe887ccabf5461161
- SHA1
  
  e4b7db5ed674022b341119bd0d6931f59ef78b46
- SHA256
  
  a3a0bcb8bec1eaad047e69983080754930ef816d707cfb0c79bde28914d1c58c
- SHA512
  
  ad6bbc1ffff9ae24dac299b77efb1d9c844f1d59d1ebf0c8293e9f755c020877b21c392fe64f15e47de48080d7dbc9a9a40311ed3f88670ae817310614291aaf
Score

1^/10
behavioral20
- Target
  
  Blank-Grabber-main/Blank Grabber/Extras/icon.ico
- Size
  
  4KB
- MD5
  
  d53754dda80461501b1937e581f192e6
- SHA1
  
  e7f812a406a15af20757fc83dcf860c4128f4011
- SHA256
  
  b85b3c08b569688d63aa0202af5e9a0ec9967ddf03ae8de7277b7db81e80e60d
- SHA512
  
  835e712920e50476a475d59127f47f8846dd28c9dff90d842fff0b54eba10ebfd635a2abdcb2c88aab0311e10f66eae11198198cdd64be82b8a116abc9192dbf
- SSDEEP
  
  96:6td9ysZo+9/tX82PPpyVbV3suTlnznFKVaDOzX5mBlhL5kvW:qXyXy/JhPpynznFKiKJ8Ae
Score

3^/10
behavioral21
- Target
  
  Blank-Grabber-main/Blank Grabber/Extras/unblock_sites.py
- Size
  
  1KB
- MD5
  
  0d1019573b112545f9fd41a4e0acc342
- SHA1
  
  6ab1685e4d4aa3d16307325da3c8c6a65cc1cd2a
- SHA256
  
  bf5c32f73990a16835b5b91f08647617dce973a68626ee4921bc5e2c5a07cafe
- SHA512
  
  d4cdb37acabfe9013aa8cdec6cce9040a9d9c2b52570fa45f1a0750c29860b161d0446ded2d3f31c61676f42ab2be7c01c8cffc09ae64126510ee2d484e1c561
Score

3^/10
behavioral22
- Target
  
  Blank-Grabber-main/Blank Grabber/READme.txt
- Size
  
  170B
- MD5
  
  10a5016f49ef1acacd6998ace35d85e6
- SHA1
  
  49eb4d70a5aea7f79c6e545d87b4863bfa350503
- SHA256
  
  b30d3a21941310b108baf1dddfc8b363a81a033025ef045d267142eb9f9e78af
- SHA512
  
  20ba3c146ef15afb526a4bd7842f4cafb0042e2258022fd3deaa8150656d10c45714bdc8c1e48434781841bae3a9f5bd4fbe081c2dfbdd14a22f36bb0b3048f6
Score

1^/10
behavioral23
- Target
  
  Blank-Grabber-main/Blank Grabber/gui.py
- Size
  
  38KB
- MD5
  
  d4516f5f779e1f422bb4fd3f204e1f2e
- SHA1
  
  35c7d2e3ce191b9d67a149f378e249ae419acb43
- SHA256
  
  2541224e02dea793417cb301ee3de7097641b376df779041ff105cdf79692f1b
- SHA512
  
  704fda769a2cc70388f6ca77bde23506862e9e9fe170c8f5fc79b6ca63156f6fa6a55e9dfa763e4b7fb24ed0b5947a7b568b51a5ab167acace8a20c2b9cc396a
- SSDEEP
  
  384:rRBBxtptPNbwhxFGbqWtYh6tr9f2L+vMPNPtLoPjW6CjLKabA117TDtOycaiC7a/:rRxRNbwhxFGbqWtBtoRvL7JwaMwY8
Score

3^/10
behavioral24
- Target
  
  Blank-Grabber-main/LICENSE
- Size
  
  1KB
- MD5
  
  0d529b5142a9a8ca2737b546fa1d5321
- SHA1
  
  d9f6893c97198a0293d96c0bbd505ee142982570
- SHA256
  
  7063655a4dd545d13979d599a96a26cf804ead45751937f63a85b6ebc70477fb
- SHA512
  
  739a69b62c24753c95c52c9c47a21d8b0b6d4d215431ac33b477ecb19f7e61362aedfb42133d4435ce9564b85b9eba5de05916ce47b53c52450207f136f3fc41
Score

1^/10
behavioral25
- Target
  
  Blank-Grabber-main/README.md
- Size
  
  7KB
- MD5
  
  9526a8f5daab4607c86f79793ca7659d
- SHA1
  
  7a3d14d9f1164fd52ecbacf3cdf92fecb96bf24a
- SHA256
  
  4b82902e290651a98b7512e37ef56ddbd2b141301ed555e20212f3a50332dd17
- SHA512
  
  b794ff780e72161a98cac9ebfa50a435c9ff96e955aaf9ca8713a47ff72477fee878062331e7db4898477fd8e2d45cf4396855864fbadfb1ba96e55a8d42dc90
- SSDEEP
  
  192:cqHjy5Eh9CKO+Vcj54sbMvengd+fgsz6DEeCExK:cqHjy5Eh9CKhOj54xve6+5z6DEeDxK
Score

3^/10
behavioral26
- Target
  
  Blank-Grabber-main/changelog.md
- Size
  
  1KB
- MD5
  
  69b5d5379cc6ac58537fb1d83d148b05
- SHA1
  
  00cad544ac33a7adf5cf84ee80705584d6115ff1
- SHA256
  
  e1eb49bc87856e201d6d080237f82a6cb4c9bdc5e870c238113a4afb0bda7917
- SHA512
  
  7a4aeed9b1df82dd31e0df0517da7f0ae6ecc4db5691335c260a8312e7f0c8418f952741888829830252c3b27a86496955691b5282d86af32f4c96696f0ac6a6
Score

3^/10
behavioral27

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Event Triggered Execution

T1546

Change Default File Association

T1546.001

Component Object Model Hijacking

T1546.015

Privilege Escalation

Event Triggered Execution

T1546

Change Default File Association

T1546.001

Component Object Model Hijacking

T1546.015

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Event Triggered Execution: Component Object Model Hijacking

Modifies system executable filetype association

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27