blankgrabber | fc294389bcc9151093540f5daff2ac4f200adbce93e0d19c526f5fbf1edee593

Sharing

General

Target

Black-Grabber-V3-main.zip
Size

7.6MB
Sample

250207-trnzjszkhp
MD5

7c04fc186796fefc782ebb74275ff78d
SHA1

7f212bd23f109eaaad18d688c6a1b1fdd6569c2e
SHA256

fc294389bcc9151093540f5daff2ac4f200adbce93e0d19c526f5fbf1edee593
SHA512

8a0caf1502630482e10ca3db1850011ec430a3d02d7f44b73dc7db4bf8edc186aa244f39ee9af0cc65dca31cfe8b922672bcd9debc9e8f36515a411a025f46be
SSDEEP

196608:+rBh3mwBEh/z4JZtIaO6k2BLgBXWaq4HqxzBQhT11uf:+7HEaPttOZ2iBi4K01q

Score

10^/10

Malware Config

Targets

- Target
  
  Black-Grabber-V3-main/Black-Grabber-V3/Setup.exe
- Size
  
  7.6MB
- MD5
  
  a451500fb4360686a2533dbe36bdf267
- SHA1
  
  b46ece0303b648ee4c99acb0b7148af0b9755c41
- SHA256
  
  b08885fcb89b6fc3ae6082251a404c925edcb2d21dcd7d9342f92ac64b5494b0
- SHA512
  
  8c3c6dd2b1fa3874c6342bb39ef79903d6a609b6cc35a7994efa6965bf4de5fbdb4c141399da4512cacdb6d835f862c058cd88190dcb79ba7b3ec8f6d50331b2
- SSDEEP
  
  196608:+9D+kdgwfI9jUCBB7m+mKOY7rXrZusooDmhfvsbnTNWb:k5NIHL7HmBYXrYoaUNw
Score

8^/10

upx collection credential_access defense_evasion discovery execution persistence privilege_escalation spyware stealer
- Command and Scripting Interpreter: PowerShell
  Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
  execution
- Clipboard Data
  Adversaries may collect data stored in the clipboard from users copying information within or between applications.
  collection
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Unsecured Credentials: Credentials In Files
  Steal credentials from unsecured files.
  credential_access stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
- Obfuscated Files or Information: Command Obfuscation
  Adversaries may obfuscate content during command execution to impede detection.
  defense_evasion
- Enumerates processes with tasklist
  discovery
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2
- Target
  
  Black-Grabber-V3-main/Black-Grabber-V3/black-grabber.py
- Size
  
  47KB
- MD5
  
  6244204ef58c4de2e459f9a4bb520635
- SHA1
  
  fe74e028e4528147cfa7a657cbe091bf6c565d27
- SHA256
  
  1619c0ac9446408cb9ef09c2aeceee06883a9dc3ee527f6aa302436a5709a04d
- SHA512
  
  e20911eeb1abba404f41eec215aa3e4f8eb4e0725131541462dd40290a34cae4f0f8ff3d50f7f176c796d37a8cbcde0edaeffa85cc6611cf0ae2f2d0e131552c
- SSDEEP
  
  768:ZIWv2dyd4tCyGdHXYHg8VShYVh9Fbedxkk2zWtZkfb:ZIWvkGd0gWyY/bbedxj2zqZkfb
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  Black-Grabber-V3-main/Black-Grabber-V3/loader.py
- Size
  
  651B
- MD5
  
  b1ea45935d1e59c8864f8ff7cda184cc
- SHA1
  
  b3c8590365273edfc33d1e2e495815595b58410c
- SHA256
  
  7b1f5c9368279f6ef42b6cf507990aa3bc6b74a69d6b987237e051e3db8c9f07
- SHA512
  
  06ad78ab9dee41d8cb472973dd6bd63fe22c0657c143e04d5647ca524f2ded1948adcdd4a2f052fdbb423d12f2d36f4a967b705cc3f68a8667ab3b86ddb21d1e
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  Black-Grabber-V3-main/Black-Grabber-V3/options/AntiSpam.py
- Size
  
  578B
- MD5
  
  4ea7b29ea782f98ed9553b0da35a728c
- SHA1
  
  1d19271948816d2cd8dcbdf5ea246aecfd3b2258
- SHA256
  
  65e7aa358eb37087ea43057f48d46b39d27ab1f6e789df62e949d57bb8e094e6
- SHA512
  
  edf1a8b429d927777169203191ca01dd5f64a7f1064eccee66b6211e48697481f20d34cbb8fad172fa569e68baab6a980d7f475bcbd879b616a1335ecf74d4da
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  Black-Grabber-V3-main/Black-Grabber-V3/options/Browsers.py
- Size
  
  12KB
- MD5
  
  0289021684bc90fe477a344ffcab8c97
- SHA1
  
  42d444a0872ea3ade10cced4dca644351a058115
- SHA256
  
  8b9f804a2835d1c3129e0033f5c845bdbb8c13248ff0a681f3c764419b23fcd1
- SHA512
  
  7ccff6aa3ef2710c6cf7f65dfe0bcb51774952dcb3e22114aec8c092acfa17f4cb3fed26bdbdca6561910579f3c0470bc171da146650f237ad2531a66811bdde
- SSDEEP
  
  192:EGg8RI0pRHIG+abKcphGE3+OK1w81A7ln42:vbRI0pRHIG+abKcph0w81A7K2
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  Black-Grabber-V3-main/Black-Grabber-V3/options/Clipboard.py
- Size
  
  513B
- MD5
  
  73a2d903c9a000c33567d9692b3da666
- SHA1
  
  eb1735ddc14010de5f7368c7aa9338659c18d54e
- SHA256
  
  f923a076f6b3958f5f46531e5771b015e4491a89fde41228b2f2bd96eb363d8d
- SHA512
  
  85a000d84f0198e12d72919fd5953cf8bedd6f4ebe53dbd9df233e8781257cff881bd94ad2df7bbc90713d10d7c3524e4632f10cf4e643fa89a999c473e88248
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  Black-Grabber-V3-main/Black-Grabber-V3/options/CommonFiles.py
- Size
  
  2KB
- MD5
  
  b353e5de3cba26130e975ad68f5f3101
- SHA1
  
  1aa66593f9970c9c0d8586310d1f9a89ad768741
- SHA256
  
  c7f836fdf1b08617032556dba562249ac2933638c24eaba3cc82badacb18830f
- SHA512
  
  d012433a24fbbf77c38168c9fbf9bf75e5bebfb580a334370bb2c05705480ab7e4108628528b176d0b132f391d96809615cd231f8175b91a531a9f7d277282d8
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  Black-Grabber-V3-main/Black-Grabber-V3/options/Debug.py
- Size
  
  12KB
- MD5
  
  f39ae63d742b20c15649c1587d1568dd
- SHA1
  
  7c0606cb618eb7255654ddc6962cb2a079361ac5
- SHA256
  
  5aed8408bb46d0bbdb701b73106f168352de6b3b106d6a616eb13a9293252c76
- SHA512
  
  91f316e016437614845782018e4f9a4df159f8e1def9ef1cba077c0b74e977363db51791c5f67136ad724cbfd907d16a3adf63b7222d91646d1c21d9e6b7f047
- SSDEEP
  
  384:sjY/MTWaYHTzIkTOK2QXWSPwMBDSMBAkQ7fP:sjY/M/YHgI1dZJgfP
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  Black-Grabber-V3-main/Black-Grabber-V3/options/Defender.py
- Size
  
  1KB
- MD5
  
  4de8523dd66d1921b5f5ffcecab9bdde
- SHA1
  
  68f77d081dfac56b170397832fec81ff9b427603
- SHA256
  
  07db516f4cd689e9a41bca5877bc321a65db04bbe657c8cd24152eb521973b8d
- SHA512
  
  19fc818fe330f8b55e1a21029a8df765af880e2b70d53511eb2b29524ec36b617aa6c0b725bef3532b16086c93924f4e8815a4334f89246851b3f17c6afd34fd
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  Black-Grabber-V3-main/Black-Grabber-V3/options/Discord.py
- Size
  
  17KB
- MD5
  
  78800ca1e407202419a25901851bcf0b
- SHA1
  
  0fd496079aa1b4dd6e00fa5e5c6191a481466bc4
- SHA256
  
  e238a5347a74ae20eb41cb243bd5da00f42f3388dcff2ec5c450686f8eeca320
- SHA512
  
  c575c7edf8fdd3788f208b485ee80b2cc42822ed5a7ca5d4b60f5fe506103f1448b41472175da541fc743de2102dd52c74ece18ed6e6e38ed8c72365eb58bbee
- SSDEEP
  
  192:DYKrb6sy0EGI2g/IOwWb1lErLtivtiKCKvnEe75Cs5zTL2cn:DYKrwP2g/IOwWb1mrLtivtiKCGnEUCEn
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  Black-Grabber-V3-main/Black-Grabber-V3/options/Fake_error.py
- Size
  
  742B
- MD5
  
  a24c6a15483d089f49e0fe91a834bf51
- SHA1
  
  10495d949bcbd9790ace173cc7273f3509470476
- SHA256
  
  3f81eda1de7999a373af7b70ed0c67a2b620348f2fd4287203f7b6ec457ddd89
- SHA512
  
  e833b8625ac9165075574ba3e287e317c119257da628cd8df5e65b5d66209d5ac2ceb5e1eb1d17476b2a16b8b31a87d7fa8db29fea8349df3eade5dde2ddec06
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  Black-Grabber-V3-main/Black-Grabber-V3/options/Games.py
- Size
  
  3KB
- MD5
  
  ac84ebbb10f13c50cb201109710443a9
- SHA1
  
  7b9635087d1ba8fb4c6eaa5cfb831c62ace3c429
- SHA256
  
  db65d6b7a91085f2fba268605961b5c763f711e2c03f68cc6e79217843b60a02
- SHA512
  
  adf2162067259ce2b57bc61776d038d5f11ef236a8e74ab84e227414cf5e7cc37b61c6659cd5b115b9f8c2dad4496d66a585292b235b6a79e2a4f53c52e9815f
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  Black-Grabber-V3-main/Black-Grabber-V3/options/Injection.py
- Size
  
  1KB
- MD5
  
  5cd1c3372c37c6c29d5d201778f9c5ef
- SHA1
  
  d81adf407ea173e68cc9efa9da2002f65624afcc
- SHA256
  
  c0f99318ca9ee00a6a4b841c19aef35a84fe9f62bb97d19a14bc091beb2c5a93
- SHA512
  
  284d4144f66117a4fe4253ce4816939a1cb2520538b86f526b773157af8896523a5bb9f99ada6457ce39130c716e1b9c50345b63e65eb997858e4ca5e108eaa4
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  Black-Grabber-V3-main/Black-Grabber-V3/options/Roblox.py
- Size
  
  8KB
- MD5
  
  c145bbddbe29f6cdf0bb4b759304603b
- SHA1
  
  fdd857379729ccc982ac55165369c7ad1e687bce
- SHA256
  
  218802b3d815a1e20221966b94e1c8c5eded69dc1edcecc9b0860c2fc772a0f3
- SHA512
  
  1ea0a2f267acd91ec4c0344b2a2d9751ad5d1a1059f9e0e0b96903b1e6ae15576ca5abfb8d8fd6b597d4788ec0f2c768e5097849bcc37391670457f3e4ee2544
- SSDEEP
  
  48:egxDbM6KrN8E1uzBfs+tWc7zJ16VTPtNpKlZ+N4woWyg5P60++LRnU9:rDtkx14s+UiNMPN05fWyxgVs
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  Black-Grabber-V3-main/Black-Grabber-V3/options/Screenshot.py
- Size
  
  1KB
- MD5
  
  cefaed075578c6a22f0f652372a58283
- SHA1
  
  e9d631cd1741b44935325178f376c511a92f22a4
- SHA256
  
  f0bc04268c586f3852d7ac521cc2f88fdf6d2b4ed3e45d27eb7e8166a24bed70
- SHA512
  
  33a968c643b0a68f421841754818330c7843e2fcbac2bd347f16eac0dc367d0e8e9a34211c462d619f08e69de271bfd009e532e1cb950d6c105b3f3ae0215706
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  Black-Grabber-V3-main/Black-Grabber-V3/options/SelfDestruct.py
- Size
  
  880B
- MD5
  
  3232f46b2c3d898f6d8b805c6b7078e2
- SHA1
  
  ff49af62b4ce4a9d82b2da5a8a89e1940f710529
- SHA256
  
  51490d94f9cbe9371904c1d60d884de62657618a5ee36e5cbc6a065bb648029f
- SHA512
  
  f7fba6a480d9d4a5cc96267ea21784f8388c28ac4337ae3cf63babc0dd133e63a06f0e63cc61f53e361f8094214b0744f87c38392bc2cc90ccffb11e54a9c0c9
Score

3^/10

discovery
behavioral31 behavioral32