General

  • Target

    Grabber Builder V2.exe

  • Size

    67.7MB

  • Sample

    241030-znqlvssldj

  • MD5

    d385ff340700687b75fc58acf58f573d

  • SHA1

    c78a4d63fa30b500503005f96c5c8586850fbaf8

  • SHA256

    06bd10f23bd6e07952505df64b6aaa6fc8a35f383ee64787f73c087a491d4590

  • SHA512

    8fa8d2269a8b90c952af57d6637720ae9357b89a59f74e512256495e699bf27ba6e463da18dd9c6427611737390f8a8047a245046a104e8dbad91d477c791ed1

  • SSDEEP

    1572864:kaM3hr+LX5WJoWbgWRSgkNOXWxtQSNIT3yxpGEmqyCY+H/:kaQr4X5M3gbcKCB3VEmzC7

Targets

    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.

    • Clipboard Data

      Adversaries may collect data stored in the clipboard from users copying information within or between applications.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Unsecured Credentials: Credentials In Files

      Steal credentials from unsecured files.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Obfuscated Files or Information: Command Obfuscation

      Adversaries may obfuscate content during command execution to impede detection.

    • Enumerates processes with tasklist
