blankgrabber | e554952326f15d85c11577f2841342fffb630d492de83799ef0457f2b19af8a1 | Triage

Submit
Reports

Overview

overview

Static

static

IMAGE LOGGER 3.5.exe

windows10-1703-x64

Sharing

General

Target

IMAGE LOGGER 3.5.exe
Size

10.0MB
Sample

240925-c7hzsszgrn
MD5

d1f9a9801179ccadeba0ad3f17ae625c
SHA1

2f14fc55495bf64334d4f58f9502070e2d85bb11
SHA256

e554952326f15d85c11577f2841342fffb630d492de83799ef0457f2b19af8a1
SHA512

1e5fde6d994f7794346a36f0e34e029e806f65da3ff90db9844a444329def21834aa1372df44e47ff74bf66cdf43393b3fc1319a4c4bc5a55cf96415f9cb9ad6
SSDEEP

196608:Nw8POLjv+bhqNVoB0SEsucQZ41JBbIM11tW:+8PyL+9qz80SJHQK1Jx1vW

Score

10^/10

blankgrabber discovery evasion execution upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

IMAGE LOGGER 3.5.exe

Resource

win10-20240404-en

discovery evasion execution upx

windows10-1703-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  IMAGE LOGGER 3.5.exe
- Size
  
  10.0MB
- MD5
  
  d1f9a9801179ccadeba0ad3f17ae625c
- SHA1
  
  2f14fc55495bf64334d4f58f9502070e2d85bb11
- SHA256
  
  e554952326f15d85c11577f2841342fffb630d492de83799ef0457f2b19af8a1
- SHA512
  
  1e5fde6d994f7794346a36f0e34e029e806f65da3ff90db9844a444329def21834aa1372df44e47ff74bf66cdf43393b3fc1319a4c4bc5a55cf96415f9cb9ad6
- SSDEEP
  
  196608:Nw8POLjv+bhqNVoB0SEsucQZ41JBbIM11tW:+8PyL+9qz80SJHQK1Jx1vW
Score

10^/10

discovery evasion execution upx
- Deletes Windows Defender Definitions
  Uses mpcmdrun utility to delete all AV definitions.
  evasion
- Command and Scripting Interpreter: PowerShell
  Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
  execution
- Loads dropped DLL
- Enumerates processes with tasklist
  discovery
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Process Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionexecutionupx

© 2018-2025

Terms | Privacy