blankgrabber | 748c3f71790efb4b8170fc3835c70af2255f648f34c87b77bf8c615ceaf071af | Triage

Submit
Reports

Overview

overview

Static

static

serc PRIV V2.exe

windows7-x64

7

serc PRIV V2.exe

windows10-2004-x64

8

Sharing

General

Target

serc PRIV V2.exe
Size

6.0MB
Sample

241016-wyfymathqa
MD5

acfe97bfc66a1a9d6a279fd612a218b5
SHA1

b6f01e5fe783659aa0988566db778449dd7eb35d
SHA256

748c3f71790efb4b8170fc3835c70af2255f648f34c87b77bf8c615ceaf071af
SHA512

8d6e4d9cca83a20d1e1dca5984143712f70ad15e615922cf9e0d4708db69692d7be3c280801f50ba5dde3cef04f48f21526c28c843b47be808bca52709965600
SSDEEP

98304:QEEtdFBgwvaamaHl3Ne4i3gmtfXJOLhx9fZAzDJ4wzQgsRuGK4RSPMDp3fMWZd:QTFBzeN/FJMIDJf0gsAGK4RSkDmWZd

Score

10^/10

blankgrabber discovery execution upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

serc PRIV V2.exe

Resource

win7-20240903-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

serc PRIV V2.exe

Resource

win10v2004-20241007-en

discovery execution upx

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  serc PRIV V2.exe
- Size
  
  6.0MB
- MD5
  
  acfe97bfc66a1a9d6a279fd612a218b5
- SHA1
  
  b6f01e5fe783659aa0988566db778449dd7eb35d
- SHA256
  
  748c3f71790efb4b8170fc3835c70af2255f648f34c87b77bf8c615ceaf071af
- SHA512
  
  8d6e4d9cca83a20d1e1dca5984143712f70ad15e615922cf9e0d4708db69692d7be3c280801f50ba5dde3cef04f48f21526c28c843b47be808bca52709965600
- SSDEEP
  
  98304:QEEtdFBgwvaamaHl3Ne4i3gmtfXJOLhx9fZAzDJ4wzQgsRuGK4RSPMDp3fMWZd:QTFBzeN/FJMIDJf0gsAGK4RSkDmWZd
Score

8^/10

upx discovery execution
- Command and Scripting Interpreter: PowerShell
  Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
  execution
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Enumerates processes with tasklist
  discovery
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryexecutionupx

© 2018-2025

Terms | Privacy