blankgrabber | 5aed83acf628eed3ff847989ef9cf1b76cccd5a844d3224661b90db7278ec62a | Triage

Submit
Reports

Overview

overview

Static

static

falcontemp.exe

windows10-2004-x64

8

��X�q^.pyc

windows10-2004-x64

Resubmissions

27-10-2024 21:30

241027-1cw5yashka 10

27-10-2024 20:59

241027-zssl1szmdp 10

Sharing

General

Target

falcontemp.exe
Size

5.9MB
Sample

241027-zssl1szmdp
MD5

b9410fa310e4031d27fba74278b8bfa8
SHA1

cdce35a0cc9ee3c4dad5d9bcfe06714f2aa8f97d
SHA256

5aed83acf628eed3ff847989ef9cf1b76cccd5a844d3224661b90db7278ec62a
SHA512

5b4d4487f03c9432b5a0fdf6a83c80a7f4696b73fe8c37d673d3db5d695a73897391c5f8fd43703b33fccb143d63fb629b85fdc58fa0f9b5b76c2f5c90f2107c
SSDEEP

98304:Pg+WCSti65sn6Wfz7pnxCjJaWlpx1dstaNoSwKHf1c3z5MOueAeFx9hEkrPF/iv3:Pzm/DOYjJlpZstQoS9Hf12VKXmbEC4V9

Score

10^/10

blankgrabber execution upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

falcontemp.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

��X�q^.pyc

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Malware Config

Targets

- Target
  
  falcontemp.exe
- Size
  
  5.9MB
- MD5
  
  b9410fa310e4031d27fba74278b8bfa8
- SHA1
  
  cdce35a0cc9ee3c4dad5d9bcfe06714f2aa8f97d
- SHA256
  
  5aed83acf628eed3ff847989ef9cf1b76cccd5a844d3224661b90db7278ec62a
- SHA512
  
  5b4d4487f03c9432b5a0fdf6a83c80a7f4696b73fe8c37d673d3db5d695a73897391c5f8fd43703b33fccb143d63fb629b85fdc58fa0f9b5b76c2f5c90f2107c
- SSDEEP
  
  98304:Pg+WCSti65sn6Wfz7pnxCjJaWlpx1dstaNoSwKHf1c3z5MOueAeFx9hEkrPF/iv3:Pzm/DOYjJlpZstQoS9Hf12VKXmbEC4V9
Score

8^/10

execution upx
- Command and Scripting Interpreter: PowerShell
  Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
  execution
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1
- Target
  
  ��X�q^.pyc
- Size
  
  857B
- MD5
  
  0f73aa2bd59a23bc53d0b7cb6dfa824a
- SHA1
  
  6e4cba0666892242cd83ec36f267efadba0dd5e4
- SHA256
  
  cc9c724663914e95dab1a1f79775fd4d28d3a5d70f74ba6c998af2b6b357327d
- SHA512
  
  6c5819547b51acf54b5d5e200ce7ffd173f425a561818d0521cf46d8162a8e38bf5a84855e55ea709a4bb0c8fd1b2109c7a75593eea1e398434e2587c3d792a7
Score

1^/10
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy