blankgrabber | c9597fc6a74e735bb894be871e86e805dc3386174020c9e6cc85aed5c3bb6320 | Triage

Submit
Reports

Overview

overview

Static

static

Fortnite.rar

windows7-x64

3

Fortnite.rar

windows10-2004-x64

3

LOADER.exe

windows7-x64

7

LOADER.exe

windows10-2004-x64

8

e��s.pyc

windows7-x64

e��s.pyc

windows10-2004-x64

Tutorial fortnite.txt

windows7-x64

1

Tutorial fortnite.txt

windows10-2004-x64

1

Sharing

General

Target

Fortnite.rar
Size

5.8MB
Sample

240928-rqey5ssgqf
MD5

287dbf6b4b8adeeebd24b97a2908ec8d
SHA1

444d06b9e78490d58f109d46f189675c089db025
SHA256

c9597fc6a74e735bb894be871e86e805dc3386174020c9e6cc85aed5c3bb6320
SHA512

42e3d44fb572acb3feeb25a82df0993c2e6402158a41cefa5b98f2d1ac66618fcb986690c88e852595d85b8323d54de3f78d814851faf156bcbdb99d9902435f
SSDEEP

98304:zXH7tISQI9lr38U0eLYM+CPzGlT3mHrxD4xN30EY8fwds6U+uHUsO6AkbRzh0FV/:zXJISQIbrv5YM3a3mLh4gMfTx++Llh0r

Score

10^/10

blankgrabber discovery execution upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Fortnite.rar

Resource

win7-20240903-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

Fortnite.rar

Resource

win10v2004-20240802-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral3

Sample

LOADER.exe

Resource

win7-20240903-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral4

Sample

LOADER.exe

Resource

win10v2004-20240802-en

discovery execution upx

windows10-2004-x64

8 signatures

150 seconds

Behavioral task

behavioral5

Sample

e��s.pyc

Resource

win7-20240729-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

e��s.pyc

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

Tutorial fortnite.txt

Resource

win7-20240704-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

Tutorial fortnite.txt

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Malware Config

Targets

- Target
  
  Fortnite.rar
- Size
  
  5.8MB
- MD5
  
  287dbf6b4b8adeeebd24b97a2908ec8d
- SHA1
  
  444d06b9e78490d58f109d46f189675c089db025
- SHA256
  
  c9597fc6a74e735bb894be871e86e805dc3386174020c9e6cc85aed5c3bb6320
- SHA512
  
  42e3d44fb572acb3feeb25a82df0993c2e6402158a41cefa5b98f2d1ac66618fcb986690c88e852595d85b8323d54de3f78d814851faf156bcbdb99d9902435f
- SSDEEP
  
  98304:zXH7tISQI9lr38U0eLYM+CPzGlT3mHrxD4xN30EY8fwds6U+uHUsO6AkbRzh0FV/:zXJISQIbrv5YM3a3mLh4gMfTx++Llh0r
Score

3^/10
behavioral1 behavioral2
- Target
  
  LOADER.exe
- Size
  
  5.8MB
- MD5
  
  1f2e445540db3ca020afa5a46a0d0f2c
- SHA1
  
  ba950e9a9f0862a0ad63e8c63d25cfcfefab7231
- SHA256
  
  ef78d9661627a415232a88d549d64a060380d7a68837590b67ed609ba0df95b5
- SHA512
  
  287c4dd04e84aa9f9a328bfcf54eb19677ee187f731ff80485988d275bc6495ca4db6fce380614639c299a00aa0b68c0fa4382534bc22c378b69e25661d821af
- SSDEEP
  
  98304:RUEtdFBClamaHl3Ne4i3gmtfXJOLhx9fZAzDJ4wzQgsRuGK4RhOuAK4do7n:lFIgeN/FJMIDJf0gsAGK4RkuAK4y7n
Score

8^/10

upx discovery execution
- Command and Scripting Interpreter: PowerShell
  Using powershell.exe command.
  execution
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Enumerates processes with tasklist
  discovery
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral3 behavioral4
- Target
  
  e��s.pyc
- Size
  
  857B
- MD5
  
  784be46c812b46c919351347bca91f89
- SHA1
  
  bb015b974de59722b2dedae484ea3de26b055626
- SHA256
  
  0e25fc9c82204917191952c734a8b03b76768bcb42812e8e1e2a19617062334e
- SHA512
  
  2615e9269bd249c0c9acbd22a074e9ac56a3b964a5a17e2108616e9307727c215764b980e1ae11b230289b3823a51c74042a87d31a65c43a32f2f0a87a9e4620
Score

1^/10
behavioral5 behavioral6
- Target
  
  Tutorial fortnite.txt
- Size
  
  96B
- MD5
  
  38ac8ccc36a0b40239e0c60ffebddded
- SHA1
  
  0a763200c5b6ed85273348af84582d8406759016
- SHA256
  
  1bd4536999018bda4488af68af577f461e109ad162b819066b8b1bd296bc0fa3
- SHA512
  
  1f2f1908f39e728e9bd52de071977c87e0581f0064aecf79b82b58fb6e5500063b5e79f71f77bc929b353bf44b324d9301275cc2ae2d2de4d37590e8d5e61873
Score

1^/10
behavioral7 behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

discoveryexecutionupx

behavioral5

behavioral6

behavioral7

behavioral8

© 2018-2025

Terms | Privacy