blankgrabber | 323ca1b9c1ca4d8469502f617059fe81aa2758cd3891dddcd9de3d05b72cbbb2 | Triage

Submit
Reports

Overview

overview

Static

static

cc generat...EN.exe

windows7-x64

7

cc generat...EN.exe

windows10-2004-x64

8

Resubmissions

27/09/2024, 01:04

240927-be5sesxckq 10

27/09/2024, 01:04

240927-bez7yaxckj 10

27/09/2024, 01:03

240927-bevmfsxcjp 10

27/09/2024, 01:03

240927-bepffazdkf 10

27/09/2024, 00:38

240927-azcrpswdrm 10

02/02/2024, 22:48

240202-2rfxyaaef9 10

02/02/2024, 22:47

240202-2qptfsaed6 10

02/02/2024, 22:43

240202-2nntdacffn 10

02/02/2024, 22:40

240202-2lqvysceen 10

02/02/2024, 22:36

240202-2jk7paabb9 10

Sharing

General

Target

cc_generator_by_ShadowGEN.rar
Size

8.0MB
Sample

240927-bez7yaxckj
MD5

715cd5f4dda1340f318cbd1a23fb8b19
SHA1

6c444be2f53f1e5839b610f8a09b0deee17974cf
SHA256

323ca1b9c1ca4d8469502f617059fe81aa2758cd3891dddcd9de3d05b72cbbb2
SHA512

e0dcfabef10d0b2bc9c90ecb74f673121cdb19ec07c46a0b64bf72678039b1a582e11a79953422943bbfb645aa0dab5c2a89852f1718229d6095e863ec18d41b
SSDEEP

196608:iB4mOfeuAUkcy+HLjM0Shh/XmIBwUezbaQujEkPev:iB/Ofeu3kwE0Wh+ImUUbaXIk2v

Score

10^/10

blankgrabber discovery execution upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

cc generator by ShadowGEN.exe

Resource

win7-20240903-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

cc generator by ShadowGEN.exe

Resource

win10v2004-20240802-en

discovery execution upx

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  cc generator by ShadowGEN.exe
- Size
  
  8.2MB
- MD5
  
  0aaa4e1cd422a7e8c53f550a051abcda
- SHA1
  
  d834c15b6e362e2d5ba96c5efad3705ed2ebb029
- SHA256
  
  91f52cd923422fd8270f23583da67bdc3564546ac2b4d28c2f1fca46eb6f8c91
- SHA512
  
  4a5572d2db20b7b4b0e88c8110c5e6d356fb055a929472c15643d5effc2b247eec87b4da1d3156606d0ea5a4da48485244673ef505f441ace2f683398e9ccaba
- SSDEEP
  
  196608:XV1EzRHRrIeLjv+bhqNVoB8Ck5c7GpNlpq41J2ySENNkfWHio6+9zsf:LstL+9qz88Ck+7q3p91JmJ8M+9Yf
Score

8^/10

upx discovery execution
- Command and Scripting Interpreter: PowerShell
  Using powershell.exe command.
  execution
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Enumerates processes with tasklist
  discovery
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryexecutionupx

© 2018-2025

Terms | Privacy