blankgrabber | d8f2bebb1a9fd29ee44c06b24cc09b1875bdc642ab9e704e0e7ce8c4729fe40f

General

Target

Yippe.exe
Size

6.0MB
Sample

241012-ymxhcaydpf
MD5

bda19e34929fb14315a854571abbfa9b
SHA1

9e60ef9d0884bbecab74fe00453d228373bd5b84
SHA256

d8f2bebb1a9fd29ee44c06b24cc09b1875bdc642ab9e704e0e7ce8c4729fe40f
SHA512

bb1ea726b94628b5f19ee83ad4a10ad52a25a5c99dff640dadae26a3d8dd538cd75f1ceaf82577a014ae26b60598108b7cfbd6aceb36bb98d181a53ed8b79751
SSDEEP

98304:EBgCEtdFBg/WamaHl3Ne4i3gmtfXJOLhx9fZAzDJ4wzQgsRuGK4RoBMZ63HsluTG:EBgJF4feN/FJMIDJf0gsAGK4RouZ9kTG

Score

10^/10

Malware Config

Targets

- Target
  
  Yippe.exe
- Size
  
  6.0MB
- MD5
  
  bda19e34929fb14315a854571abbfa9b
- SHA1
  
  9e60ef9d0884bbecab74fe00453d228373bd5b84
- SHA256
  
  d8f2bebb1a9fd29ee44c06b24cc09b1875bdc642ab9e704e0e7ce8c4729fe40f
- SHA512
  
  bb1ea726b94628b5f19ee83ad4a10ad52a25a5c99dff640dadae26a3d8dd538cd75f1ceaf82577a014ae26b60598108b7cfbd6aceb36bb98d181a53ed8b79751
- SSDEEP
  
  98304:EBgCEtdFBg/WamaHl3Ne4i3gmtfXJOLhx9fZAzDJ4wzQgsRuGK4RoBMZ63HsluTG:EBgJF4feN/FJMIDJf0gsAGK4RouZ9kTG
Score

8^/10

upx collection discovery execution persistence privilege_escalation spyware stealer
- Command and Scripting Interpreter: PowerShell
  Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
  execution
- Clipboard Data
  Adversaries may collect data stored in the clipboard from users copying information within or between applications.
  collection
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Enumerates processes with tasklist
  discovery
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2
- Target
  
  m�1D��.pyc
- Size
  
  857B
- MD5
  
  05bf542ee5a5b754ff6e7e75a505dfe6
- SHA1
  
  f7d2c48d7ea157558221a0deb48a7b2cd9f9cf0f
- SHA256
  
  9ecbd18b7c173030ba5f7d52631f7859000aa41b39b47ebb7420f663a071fb62
- SHA512
  
  25f04d50fb49ea93cca6e0c76d8b08265d9925425f50ea52f7f907eb0e0aa3f14495a027c4be97d30b61daf8e7e4de71f662c5605b193deb7041a602135fe74b
Score

1^/10
behavioral3 behavioral4