blankgrabber | 7b66d1563cdf73db6dd592c207fd25be645bf6827ea52ccb069ef881a63efa2e | Triage

Submit
Reports

Overview

overview

Static

static

HyperionSuspender.exe

windows7-x64

7

HyperionSuspender.exe

windows10-2004-x64

8

Sharing

General

Target

HyperionSuspender.exe
Size

6.6MB
Sample

240929-xlbzkswdkm
MD5

b23219566203f342fc66d552e13fca4f
SHA1

bb8a57b84999f0cb5a47c998b55d08dc3ba5cb12
SHA256

7b66d1563cdf73db6dd592c207fd25be645bf6827ea52ccb069ef881a63efa2e
SHA512

17971b1383a766a3f187ddb14c54b9b88ed2d2a3ab2cc00e42c11eca7ea4169cbc46b6a74957405d1f24c036f761bc8000abc0b39944ba9afbd70b0874bf751f
SSDEEP

196608:qAAMvf+ysDBPI4sWHqVcUzAoNfovSEYCn3ZJetiOohU0:vqEIqVcUzAoN9u3MMF

Score

10^/10

blankgrabber collection defense_evasion discovery execution upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

HyperionSuspender.exe

Resource

win7-20240903-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

HyperionSuspender.exe

Resource

win10v2004-20240802-en

collection defense_evasion discovery execution upx

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  HyperionSuspender.exe
- Size
  
  6.6MB
- MD5
  
  b23219566203f342fc66d552e13fca4f
- SHA1
  
  bb8a57b84999f0cb5a47c998b55d08dc3ba5cb12
- SHA256
  
  7b66d1563cdf73db6dd592c207fd25be645bf6827ea52ccb069ef881a63efa2e
- SHA512
  
  17971b1383a766a3f187ddb14c54b9b88ed2d2a3ab2cc00e42c11eca7ea4169cbc46b6a74957405d1f24c036f761bc8000abc0b39944ba9afbd70b0874bf751f
- SSDEEP
  
  196608:qAAMvf+ysDBPI4sWHqVcUzAoNfovSEYCn3ZJetiOohU0:vqEIqVcUzAoN9u3MMF
Score

8^/10

upx collection defense_evasion discovery execution
- Command and Scripting Interpreter: PowerShell
  Using powershell.exe command.
  execution
- Clipboard Data
  Adversaries may collect data stored in the clipboard from users copying information within or between applications.
  collection
- Loads dropped DLL
- Obfuscated Files or Information: Command Obfuscation
  Adversaries may obfuscate content during command execution to impede detection.
  defense_evasion
- Enumerates processes with tasklist
  discovery
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Obfuscated Files or Information

Command Obfuscation

Credential Access

Discovery

Process Discovery

System Information Discovery

System Network Configuration Discovery

Wi-Fi Discovery

Lateral Movement

Collection

Clipboard Data

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

collectiondefense_evasiondiscoveryexecutionupx

© 2018-2025

Terms | Privacy