blankgrabber | dc007eedcc5771b76b7168e4be1c6b4f9b5a38cc358e94f9efe3ee53d245773b

Sharing

General

Target

Condogenerator.rar
Size

19.4MB
Sample

241116-c9p6wsyenn
MD5

8e6a44c1eaccc4ee4e36a8ed6f55f895
SHA1

76f8de458e4f4367d38e43110e5b9f42798ca4c7
SHA256

dc007eedcc5771b76b7168e4be1c6b4f9b5a38cc358e94f9efe3ee53d245773b
SHA512

03b1e2824f15e51b3e3e009e163e6b864b98c46fab40362ff525ad4d7f0ecaee8d91400b059e7ee95b3af0c1dbff16fc6d19858f4808d5e002046994caa05c1c
SSDEEP

393216:MkhFwwbZtduA7cUAOeDnjuikVQ+Ueep397uMWTw2q1x:MsZR7cUAOsnjuRpUdpt7uKbx

Score

10^/10

Malware Config

Targets

- Target
  
  Condo generator/Components/BlankOBF.py
- Size
  
  5KB
- MD5
  
  b3d2f59792b99d98107717d6b7100cf3
- SHA1
  
  5cf1f176236fb12fd665301a64be7d883ca125c8
- SHA256
  
  73bd45bbbf96aa84a2abf5eef93513126bd3adbbbb5ebd5272776643d99c1fb8
- SHA512
  
  1791b325ea86c56d35ff9c9216685dd7b3d0b0d01538de5cb6310cb64750daadbeccddbe51fc985bb22a8d8e67ab1a180708e7b97441e0daa2c0b1c14e918ed8
- SSDEEP
  
  96:Fr54cd62hK9FFZ48PuCQYBX5oQL6oUMOQcL:FP6Us4B8JoQLBsQcL
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  Condo generator/Components/loader.py
- Size
  
  634B
- MD5
  
  ca35548638710a32f6d4bc1a61a103c5
- SHA1
  
  2703967c4376cc2e0ca20191eff97b85989d8310
- SHA256
  
  e7dbfe873c719006f28e6526ef54215d7b7598bce5566734c552dab9f1f487e6
- SHA512
  
  d1c0839326662b240dfa4bcea7284d261be46e9bb8b03f073e0328e361321f9cdfa740abd4541b2cdc21c806bcd901d3bc3cc36b9f7e0ee6191d189df0533061
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  Condo generator/Components/postprocess.py
- Size
  
  2KB
- MD5
  
  bbed9f3d87c4927b2b2bc16a6ec4da51
- SHA1
  
  c3bceb8a6fb5207abc75039e5a66afbf8324cd8f
- SHA256
  
  72eefc2defd861c48721f235717a0f8de430ea8f2bc290b429cfbdc906ba539c
- SHA512
  
  352cd87d379e0a338d44f3933b6b135a36ebe83607157dfe28330ec2c03c6b2bcbbb2d43b1a06487675eea662c76084b3f9777f5b8d0c9132d50869318fc3c78
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  Condo generator/Components/process.py
- Size
  
  8KB
- MD5
  
  8cc1b499d73f3fc2140a5b0c97afd6f2
- SHA1
  
  4e60e01f11ff8fec425c74679146e13713b18931
- SHA256
  
  72f2b7cbcc38b79ce96d12e6fdd9a45874728a1abd49eed00438069ba8006f21
- SHA512
  
  ac86a61d68bdac9b019d3c8a3f6102378b3e4f23be8398e6f0d79586dd29c0d104dc66e0cba267f88fb1b1d5241b74f51c073f2395f44d8f4ca34975b7534903
- SSDEEP
  
  192:Eew1auOoI8I+IQI2Iz2Iym+IyIQICI0IiIgIcI6ISI+ISIKG2I0U0F+05dkIMN06:f4iE9pV3522EQTq1o4mE
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  Condo generator/Components/rar.exe
- Size
  
  615KB
- MD5
  
  9c223575ae5b9544bc3d69ac6364f75e
- SHA1
  
  8a1cb5ee02c742e937febc57609ac312247ba386
- SHA256
  
  90341ac8dcc9ec5f9efe89945a381eb701fe15c3196f594d9d9f0f67b4fc2213
- SHA512
  
  57663e2c07b56024aaae07515ee3a56b2f5068ebb2f2dc42be95d1224376c2458da21c965aab6ae54de780cb874c2fc9de83d9089abf4536de0f50faca582d09
- SSDEEP
  
  12288:3lPCcFDlj+gV4zOifKlOWVNcjfQww0S5JPgdbBC9qxbYG9Y:3lPCcvj+YYrfSOWVNcj1JS5JPgdbBCZd
Score

3^/10
behavioral10 behavioral9
- Target
  
  Condo generator/Components/run.bat
- Size
  
  1KB
- MD5
  
  5beaf38a2e57c2813f6b19b3fb08aca3
- SHA1
  
  424b0ae28d3ea1e067e8c29d45f1f84040eaa7ec
- SHA256
  
  ceade703cb46e78226dc0331ea37f3ed9f681b5969b56ddd15ca5a39e8c067d3
- SHA512
  
  7265b1a73f2d4841b62aec2f1eeb14114051f5b09fa47049ebb0a39ae220bdf35e747c98467aa56be8fc90aa7102888ce215edc88a52212b26ee915fdbe2d486
Score

1^/10
behavioral11 behavioral12
- Target
  
  Condo generator/Components/sigthief.py
- Size
  
  10KB
- MD5
  
  57156b83bcfa0c8cbc0fc36aa02a1617
- SHA1
  
  a6aaf0f1e05924e6c6a27918f406c620cacf7a01
- SHA256
  
  caf899aedb2b0fe154de2223d86604380d2cf4a47406f881cca680c8a4b063bf
- SHA512
  
  63b8944298cdc7323ee7b193efa75018a759d10c6933d430ad62779231b9daca6b2dfd0fcac8e69b5846474b83c1deae5b82606d88c26bebad5bb31d50ff883e
- SSDEEP
  
  192:J/j5U9+6E0yWYSF/DwI6CRH2dCYwqSfU15dkAJH:J6yMSfUU1l
Score

1^/10
behavioral13 behavioral14 behavioral15 behavioral16
- Target
  
  Condo generator/Components/stub.py
- Size
  
  99KB
- MD5
  
  6dc9bbb14ef14c45d4d5d4128dbeb5ef
- SHA1
  
  22b444a2d21707449ee8f5cde4cd87bbd63e255f
- SHA256
  
  7602997372de338fbe45cb16f6bfe6d0c5bb57634ac7cf64e098a709c939d22c
- SHA512
  
  cff7bab1052443397a26aa28395d6cb139d2f270def1c0f811d2e92488e7a71daf460461cec8ea79a2f2fcaf3840b8827e9cf2c6f453fa715ff48e997eeabc3e
- SSDEEP
  
  3072:G+RNbizH0U+ma2KJpUrRiwDL0a+P4HmrHnRn:VRNC+UrFq4Kn
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  Condo generator/Components/upx.exe
- Size
  
  525KB
- MD5
  
  8a98406e32ed6139bd9e75342d452948
- SHA1
  
  ed77737b88a7351d0bc5f542ddb7ce84f8f95588
- SHA256
  
  a4240ea0e8a916d15f8391edef9705ab4de1f516dd360f0a336c5358686d434b
- SHA512
  
  f5b17975560d97308a6ee66845225715e82bade9df7bc36821c76fe67fcf8d22929bf21b85e28dd11b7399d0109ab1f3786fd2010c2e5023d3a93d2bd5cf678b
- SSDEEP
  
  12288:fOHsWPQsJdQmiR0eYG16fyP8RHzS75CaNgMYqIW7I2:2QmiWK16rRHzS7U6ip2
Score

5^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral19 behavioral20
- Target
  
  Condo generator/Condo generator.exe
- Size
  
  15.0MB
- MD5
  
  9b4f30c8171b1ed05efbd39090f83ca3
- SHA1
  
  a9754ed60a1a72bd21c9d4ab86cfdd450918c820
- SHA256
  
  86a3edf01329f734d35dbd4e263228b728bc4bcee07c795953ee27e2ea70d0dd
- SHA512
  
  5fb08c71f2da738fc26b45e1c7fa8227896f024a9a8bc49d0c31ad96fa9248e019eb0d78aea637fa6d9fe143b86dc3dc0b8188c1daa7ce64a87fe7e3674263cc
- SSDEEP
  
  196608:myHYrwfI9jUCzi4H1qSiXLGVi7DMgpZ3Q0VMwICEc/jh:VIHziK1piXLGVE4Ue0VJN
Score

8^/10

upx collection credential_access defense_evasion discovery execution persistence privilege_escalation spyware stealer
- Command and Scripting Interpreter: PowerShell
  Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
  execution
- Drops file in Drivers directory
- Clipboard Data
  Adversaries may collect data stored in the clipboard from users copying information within or between applications.
  collection
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Unsecured Credentials: Credentials In Files
  Steal credentials from unsecured files.
  credential_access stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Obfuscated Files or Information: Command Obfuscation
  Adversaries may obfuscate content during command execution to impede detection.
  defense_evasion
- Enumerates processes with tasklist
  discovery
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral21 behavioral22
- Target
  
  Condo generator/Extras/unblock_sites.py
- Size
  
  1KB
- MD5
  
  0d1019573b112545f9fd41a4e0acc342
- SHA1
  
  6ab1685e4d4aa3d16307325da3c8c6a65cc1cd2a
- SHA256
  
  bf5c32f73990a16835b5b91f08647617dce973a68626ee4921bc5e2c5a07cafe
- SHA512
  
  d4cdb37acabfe9013aa8cdec6cce9040a9d9c2b52570fa45f1a0750c29860b161d0446ded2d3f31c61676f42ab2be7c01c8cffc09ae64126510ee2d484e1c561
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  Condo generator/env/Lib/site-packages/PyInstaller/__init__.py
- Size
  
  1KB
- MD5
  
  18518ad311531341a3f49c1ec2f06330
- SHA1
  
  fa6150afca9f770c39da0f23efb4848fa7199ba0
- SHA256
  
  fd4250bcfe5037cc4ba20845c5c78d2d3912baa0dc3fc9865899865dbec82485
- SHA512
  
  ef8f85eba028750006e11c0c42fa6fe07786daaee855d72fe2555a30c1f48ccf61f83f7cc9922ba7b0984fa1801244210228d62736d8111b33c6616e3625e3f5
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  Condo generator/env/Lib/site-packages/PyInstaller/__main__.py
- Size
  
  12KB
- MD5
  
  df62cb01d9d703d88440c8a7542449a4
- SHA1
  
  796d5e182f3797e6c75da757114d7087e24da5e0
- SHA256
  
  47e0ace3478cc015fb1cd99c38defb4f50fefc60d16d413d28949d20dc435159
- SHA512
  
  d1824712d833ae2e5bc0a58aca523c8e88feaedd4474e08bfbc41dce9d43a81368ef4b30fccc0cf54b210047c0254de6d7365fdf9ab898962544ba7b29fe4f3b
- SSDEEP
  
  192:V4BJETimiWR2DsmZEdjB/PM6p8Xc3sYKNPI6N9VW7M:V4BmTiPDsmZ+PMm8Xc3sYKNPI6XVH
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  Condo generator/env/Lib/site-packages/PyInstaller/__pycache__/__init__.cpython-313.pyc
- Size
  
  1KB
- MD5
  
  cd22d1a829713d549aea1d99bb12da87
- SHA1
  
  81ce74260a8143b9033135fb0ad2a2320ac0ebb2
- SHA256
  
  0c5c0c02b85951c9d19c839a16137ed1d8e9f99e39b3d020e7893fc5cfbbdd10
- SHA512
  
  70b5d7ae89f0d95b9c214bdbf7078aaeeecce1630b211a8be3bb808071d0f4ecf25e0f8fce9f79eb9f9073d958419d6589086c1f9bd914aa17ccc261bb1c8b57
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  Condo generator/env/Lib/site-packages/PyInstaller/__pycache__/__main__.cpython-313.pyc
- Size
  
  13KB
- MD5
  
  e0db20e736886bf7f41ceb8763e2e8f8
- SHA1
  
  3f04d470da816f78d73061f8e51e516062a9daff
- SHA256
  
  1ae22f730a4f473cb8f6cd62944836e9640eac6b7c66d39e56f550224eaa813c
- SHA512
  
  ca1871c449ad649ebb24fbf072d4747e4b78499754a778f4c6071c6b9bcb9bee3e6320fc2a068e56595d0cfb4a682050797d5a1d4a5b1dd4d7150d0d7ea1375a
- SSDEEP
  
  384:cZ0c/GsIJZlk8z77LDK3IrfhVpEr86orqw:DcepZz3LO3IFg+rn
Score

3^/10

discovery
behavioral31 behavioral32