blankgrabber | bef60a4036fc03d017eb53212012d33f79a1c529f1ffa60cf83745271472e103 | Triage

Submit
Reports

Overview

overview

Static

static

Built.exe

windows10-2004-x64

8

Resubmissions

04-11-2024 04:01

241104-elnz2awkfn 10

04-11-2024 03:58

241104-ej1k2swkcq 10

04-11-2024 02:54

241104-dd8tsssdjl 10

04-11-2024 02:28

241104-cx4ths1gqr 10

04-11-2024 01:59

241104-cec8va1cqp 10

03-11-2024 22:14

241103-15y51avncw 10

03-11-2024 20:45

241103-zj6saavbqr 10

03-11-2024 19:51

241103-yk91nasfra 10

03-11-2024 19:38

241103-yct98ssdmd 10

03-11-2024 13:00

241103-p818zsvbqg 10

Sharing

General

Target

Built.exe
Size

6.9MB
Sample

241104-cec8va1cqp
MD5

8a58a903d1863c9e42266e3b668214aa
SHA1

d00001e87ac7b354d995671999a1e71ad3a8a6b1
SHA256

bef60a4036fc03d017eb53212012d33f79a1c529f1ffa60cf83745271472e103
SHA512

5aa75b2d1421df6dbc95adc2040f8c3b462cc78656d2be4175b8feb44409668d2dff367de11ebec050660a098e77f89e87e91d0786c385a77008b2250b57408b
SSDEEP

98304:kVpTDjWM8JEE1FKamaHl3Ne4i3Tf2PkOpfW9hZMMoVmkzhxIdfXeRpYRJJcGhEIs:OT0heNTfm/pf+xk4dWRpmrbW3jmr2

Score

10^/10

blankgrabber collection defense_evasion discovery execution upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Built.exe

Resource

win10v2004-20241007-en

collection defense_evasion discovery execution upx

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  Built.exe
- Size
  
  6.9MB
- MD5
  
  8a58a903d1863c9e42266e3b668214aa
- SHA1
  
  d00001e87ac7b354d995671999a1e71ad3a8a6b1
- SHA256
  
  bef60a4036fc03d017eb53212012d33f79a1c529f1ffa60cf83745271472e103
- SHA512
  
  5aa75b2d1421df6dbc95adc2040f8c3b462cc78656d2be4175b8feb44409668d2dff367de11ebec050660a098e77f89e87e91d0786c385a77008b2250b57408b
- SSDEEP
  
  98304:kVpTDjWM8JEE1FKamaHl3Ne4i3Tf2PkOpfW9hZMMoVmkzhxIdfXeRpYRJJcGhEIs:OT0heNTfm/pf+xk4dWRpmrbW3jmr2
Score

8^/10

collection defense_evasion discovery execution upx
- Command and Scripting Interpreter: PowerShell
  Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
  execution
- Clipboard Data
  Adversaries may collect data stored in the clipboard from users copying information within or between applications.
  collection
- Loads dropped DLL
- Obfuscated Files or Information: Command Obfuscation
  Adversaries may obfuscate content during command execution to impede detection.
  defense_evasion
- Enumerates processes with tasklist
  discovery
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Obfuscated Files or Information

Command Obfuscation

Credential Access

Discovery

Process Discovery

System Information Discovery

System Network Configuration Discovery

Wi-Fi Discovery

Lateral Movement

Collection

Clipboard Data

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

collectiondefense_evasiondiscoveryexecutionupx

© 2018-2025

Terms | Privacy