blankgrabber | ad6ea3cf42d22317b744421cae1690340e27e61a70b222bb5932c39b8f50e3fc | Triage

Submit
Reports

Overview

overview

Static

static

Multitool.exe

windows11-21h2-x64

8

Sharing

General

Target

Multitool.exe
Size

7.4MB
Sample

241028-we1tpasmbn
MD5

238b4cced07ee87a1b1a2de93d298fa4
SHA1

dc143d07db03001f0c2f44a7dc64eda77c30212d
SHA256

ad6ea3cf42d22317b744421cae1690340e27e61a70b222bb5932c39b8f50e3fc
SHA512

adbcb25d2e43b90bdc60d4abd47fa6d84406a8237fec20ece38e17010332d0cc6d94a0c71d3a7142d8e0b6e604af480276e565c1a5b555b89f6e5e9479762469
SSDEEP

196608:da8PRLjv+bhqNVoB0SEsucQZ41JBbIEs1Lt:A8PJL+9qz80SJHQK1J9sht

Score

10^/10

blankgrabber discovery execution upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Multitool.exe

Resource

win11-20241007-en

discovery execution upx

windows11-21h2-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  Multitool.exe
- Size
  
  7.4MB
- MD5
  
  238b4cced07ee87a1b1a2de93d298fa4
- SHA1
  
  dc143d07db03001f0c2f44a7dc64eda77c30212d
- SHA256
  
  ad6ea3cf42d22317b744421cae1690340e27e61a70b222bb5932c39b8f50e3fc
- SHA512
  
  adbcb25d2e43b90bdc60d4abd47fa6d84406a8237fec20ece38e17010332d0cc6d94a0c71d3a7142d8e0b6e604af480276e565c1a5b555b89f6e5e9479762469
- SSDEEP
  
  196608:da8PRLjv+bhqNVoB0SEsucQZ41JBbIEs1Lt:A8PJL+9qz80SJHQK1J9sht
Score

8^/10

discovery execution upx
- Command and Scripting Interpreter: PowerShell
  Using powershell.exe command.
  execution
- Loads dropped DLL
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Enumerates processes with tasklist
  discovery
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryexecutionupx

© 2018-2025

Terms | Privacy