blankgrabber | c7af0903c43fe46ecfac697a6cad34aab4b3b43dd93e14db056b0aa4193db68e | Triage

Submit
Reports

Overview

overview

Static

static

Setup_Cursed54.exe

windows7-x64

7

Setup_Cursed54.exe

windows10-2004-x64

8

Sharing

General

Target

Setup_Cursed54.exe
Size

7.5MB
Sample

241012-an74gawgrq
MD5

ca6cd3613e501589bab37c63aff517e1
SHA1

a4c7b7a4014aff06b738575c145b37b20a3a21d5
SHA256

c7af0903c43fe46ecfac697a6cad34aab4b3b43dd93e14db056b0aa4193db68e
SHA512

cb0e6cdcc5a0afdc17ee39df1ee61d94f4da313d05dbb05251364ec6c5ccbda21b89541f5f2f25c34fce17d7fc4cdd600b47996b3a1489f58467147e2f010d20
SSDEEP

196608:3BgVVEexhwfI9jUC2gYBYv3vbW2+iITx1U6nE:SVVEA+IH2gYBgDWJTnzE

Score

10^/10

blankgrabber discovery execution upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Setup_Cursed54.exe

Resource

win7-20240708-en

windows7-x64

3 signatures

1800 seconds

Behavioral task

behavioral2

Sample

Setup_Cursed54.exe

Resource

win10v2004-20241007-en

discovery execution upx

windows10-2004-x64

8 signatures

1800 seconds

Malware Config

Targets

- Target
  
  Setup_Cursed54.exe
- Size
  
  7.5MB
- MD5
  
  ca6cd3613e501589bab37c63aff517e1
- SHA1
  
  a4c7b7a4014aff06b738575c145b37b20a3a21d5
- SHA256
  
  c7af0903c43fe46ecfac697a6cad34aab4b3b43dd93e14db056b0aa4193db68e
- SHA512
  
  cb0e6cdcc5a0afdc17ee39df1ee61d94f4da313d05dbb05251364ec6c5ccbda21b89541f5f2f25c34fce17d7fc4cdd600b47996b3a1489f58467147e2f010d20
- SSDEEP
  
  196608:3BgVVEexhwfI9jUC2gYBYv3vbW2+iITx1U6nE:SVVEA+IH2gYBgDWJTnzE
Score

8^/10

upx discovery execution
- Command and Scripting Interpreter: PowerShell
  Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
  execution
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Enumerates processes with tasklist
  discovery
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryexecutionupx

© 2018-2025

Terms | Privacy